Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-11698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content...

5.3CVSS7.5AI score0.01392EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.2 views

SUSE CVE-2019-9820

A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

7.5CVSS9.3AI score0.01638EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.3 views

SUSE CVE-2019-11691

A use-after-free vulnerability can occur when working with XMLHttpRequest XHR in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

7.5CVSS9.3AI score0.01606EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2019:1388-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.09393EPSS
Exploits4References4
RedhatCVE
RedhatCVE
added 2020/04/05 5:18 a.m.33 views

CVE-2019-9818

A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. Note: this vulnerability only affects Windows. Other operating...

8.3CVSS2.2AI score0.00954EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2020/04/04 5:47 a.m.37 views

CVE-2019-11709

Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...

9.8CVSS3.1AI score0.02349EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/07/23 1:19 p.m.31 views

CVE-2019-11709

Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...

9.8CVSS10AI score0.02349EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/07/11 12:0 a.m.40 views

CVE-2019-11709

Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...

9.8CVSS7.3AI score0.02349EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/06/03 8:55 p.m.3 views

Mozilla: Use-after-free in XMLHttpRequest

A use-after-free vulnerability can occur when working with XMLHttpRequest XHR in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7, Firefox 67, and Firefox ESR 60.7...

9.8CVSS7.2AI score0.01606EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/06/03 12:0 a.m.29 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2019:1388-1)

This update for MozillaFirefox fixes the following issues : Security issues fixed : CVE-2019-11691: Use-after-free in XMLHttpRequest CVE-2019-11692: Use-after-free removing listeners in the event listener manager CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux CVE-2019-11694:...

9.8CVSS7.6AI score0.09393EPSS
Exploits4References28
RedHat Linux
RedHat Linux
added 2019/05/23 4:8 p.m.5 views

Mozilla: Type confusion with object groups and UnboxedObjects

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...

5.9CVSS7.3AI score0.06175EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2019/05/23 3:53 p.m.2 views

Mozilla: Type confusion with object groups and UnboxedObjects

A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all...

5.9CVSS7.3AI score0.06175EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/05/23 12:0 a.m.44 views

FreeBSD : mozilla -- multiple vulnerabilities (44b6dfbf-4ef7-4d52-ad52-2b1b05d81272)

Mozilla Foundation reports : CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...

9.8CVSS7.3AI score0.09393EPSS
Exploits6References25
Mozilla
Mozilla
added 2019/05/21 12:0 a.m.146 views

Security vulnerabilities fixed in Firefox ESR 60.7 — Mozilla

If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main...

9.8CVSS0.06175EPSS
Exploits1References17Affected Software1
FreeBSD
FreeBSD
added 2019/05/21 12:0 a.m.50 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS CVE-2019-9816: Type confusion with object groups and UnboxedObjects CVE-2019-9817: Stealing of cross-domain images using canvas CVE-2019-9818: Use-after-free in crash generation server...

9.8CVSS0.09393EPSS
Exploits6References3
ALT Linux
ALT Linux
added 2019/05/20 12:0 a.m.39 views

Security fix for the ALT Linux 10 package thunderbird version 60.7.0-alt1

May 20, 2019 Andrey Cherepanov 60.7.0-alt1 - New version 60.7.0. - Fixed: + CVE-2019-9815 Disable hyperthreading on content JavaScript threads on macOS + CVE-2019-9816 Type confusion with object groups and UnboxedObjects + CVE-2019-9817 Stealing of cross-domain images using canvas + CVE-2019-9818...

7.5CVSS8AI score0.09393EPSS
Exploits4
Rows per page
Query Builder