
236 matches found

OSV
added 2021/11/03 7:23 p.m., 54 views

ALSA-2021:4123 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.3.0 ESR. Security Fixes: Mozilla: Use-after-free in HTTP2 Session object; Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3...

CVSS 10, AI score 9.4, EPSS 0.0383
Exploits 0, References 6
RedHat Linux
added 2021/11/03 4:34 p.m., 1 view

Mozilla: Use-after-free in file picker dialog

The Mozilla Foundation Security Advisory describes this flaw as: When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash...

CVSS 8.8, AI score 7.3, EPSS 0.01586
Exploits 0, References 4
UbuntuCve
added 2021/11/03 12:00 a.m., 42 views

CVE-2021-38504

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

CVSS 8.8, AI score 7.2, EPSS 0.01586
Exploits 0, References 6
Kaspersky
added 2021/11/02 12:00 a.m., 108 views

KLA12335 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof the user interface, bypass security restrictions, execute arbitrary code, cause denial of service, and perform cross-site scripting attacks. Below is a complete...

CVSS 10, AI score 9.4, EPSS 0.0383
Exploits 1, References 3
OpenVAS
added 2021/08/06 12:00 a.m., 16 views

CMS Made Simple < 2.2.15 XSS Vulnerability (Aug 2021)

CMS Made Simple is prone to a cross-site scripting (XSS) vulnerability...

CVSS 4.8, AI score 5, EPSS 0.00488
Exploits 0, References 1
NVD
added 2021/08/05 5:15 p.m., 13 views

CVE-2020-22732

CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions File Picker...

CVSS 4.8, EPSS 0.00488
Exploits 0, References 1
OSV
added 2021/08/05 5:15 p.m., 1 view

CVE-2020-22732

CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions File Picker...

CVSS 4.8, AI score 5.8, EPSS 0.00488
Exploits 0, References 1
Prion
added 2021/08/05 5:15 p.m., 17 views

Cross site scripting

CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions File Picker...

CVSS 3.5, AI score 4.8, EPSS 0.00488
Exploits 0, References 1, Affected Software 1
CVE
added 2021/08/05 4:24 p.m., 38 views

CVE-2020-22732

CMS Made Simple (CMSMS) in version 2.2.14 is affected by a stored XSS vulnerability exploitable via the Extensions > File Picker. The issue is documented under CVE-2020-22732 across multiple sources (NVD, Red Hat, OpenVAS, etc.). Details in the connected documents confirm the affected product a...

CVSS 4.8, AI score 4.8, EPSS 0.00488
Exploits 0, References 1, Affected Software 1
CNNVD
added 2021/08/05 12:00 a.m., 3 views

CMS Made Simple cross-site scripting vulnerability

CMS Made Simple (CMSMS) is an open source content management system (CMS) from the CMSMS team. The system supports a role-based rights management system, a wizard-based installation and update mechanism, an intelligent caching mechanism and so on. CMS Made Simple CMSMS 2.2.14 suffers from a cross-si...

CVSS 4.8, AI score 4.8, EPSS 0.00488
Exploits 0, References 2
OSV
added 2021/02/26 3:15 a.m., 2 views

CVE-2021-23956

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox 85...

CVSS 6.5, AI score 7.1, EPSS 0.00993
Exploits 1, References 2
NVD
added 2021/02/26 3:15 a.m., 13 views

CVE-2021-23956

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox 85...

CVSS 6.5, EPSS 0.00993
Exploits 1, References 2
Prion
added 2021/02/26 3:15 a.m., 14 views

Design/Logic Flaw

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox 85...

CVSS 4.3, AI score 6.5, EPSS 0.00993
Exploits 1, References 2, Affected Software 1
Cvelist
added 2021/02/26 2:09 a.m., 16 views

CVE-2021-23956

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox 85...

AI score 6.8, EPSS 0.00993
Exploits 1, References 2
CVE
added 2021/02/26 2:09 a.m., 182 views

CVE-2021-23956

Mozilla Firefox before 85.0 is affected by CVE-2021-23956 due to an ambiguous file-picker UI that could confuse users intending to upload a single file, potentially resulting in a whole directory being uploaded and exposing directory contents. Public advisories (e.g., Arch Linux ASA-202102-1 and ...

CVSS 6.5, AI score 6.5, EPSS 0.00993
Exploits 1, References 2, Affected Software 1
Debian CVE
added 2021/02/26 2:09 a.m., 22 views

CVE-2021-23956

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox 85...

CVSS 6.5, AI score 8.1, EPSS 0.00993
Exploits 1
AlpineLinux
added 2021/02/26 2:09 a.m., 48 views

CVE-2021-23956

An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox 85...

CVSS 6.5, AI score 6.8, EPSS 0.00993
Exploits 1
Veracode
added 2021/01/27 7:32 p.m., 22 views

Phishing Attack

Firefox is vulnerable to phishing attacks. The vulnerability exists through an ambiguous file picker design that confuses users who intended to select and upload a single file into uploading a whole directory...

CVSS 6.5, AI score 3.1, EPSS 0.00993
Exploits 1, References 3, Affected Software 7
Tenable Nessus
added 2021/01/27 12:00 a.m., 68 views

Mozilla Firefox < 85.0

The version of Firefox installed on the remote Windows host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in Firefox 84...

CVSS 8.8, AI score 8.1, EPSS 0.01323
Exploits 2, References 14
Tenable Nessus
added 2021/01/27 12:00 a.m., 92 views

Mozilla Firefox < 85.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in...

CVSS 8.8, AI score 8.1, EPSS 0.01323
Exploits 2, References 14