Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16760

Malware in sbrugna...

9.8CVSS9.2AI score0.04187EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-7788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an iframe has a sandbox attribute and its content is specified using srcdoc, that content does not inherit the containing page's Content Security Policy CS...

9.8CVSS7.2AI score0.02336EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.3 views

SUSE CVE-2017-7792

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier OID. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

7.5CVSS9.5AI score0.03261EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.4 views

SUSE CVE-2017-7808

A content security policy CSP "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox 55...

5.4CVSS8.4AI score0.0085EPSS
Exploits0References4
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

CVE-2017-7808

A content security policy CSP "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox 55...

5.3CVSS7.3AI score0.0085EPSS
Exploits0References4
OSV
OSV
added 2018/06/11 9:29 p.m.0 views

DEBIAN-CVE-2017-7791

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS6.9AI score0.01837EPSS
Exploits1References1
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

DEBIAN-CVE-2017-7785

A buffer overflow can occur when manipulating Accessible Rich Internet Applications ARIA attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS9.4AI score0.04187EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2017/08/24 6:45 a.m.3 views

Mozilla: Domain hijacking through appcache fallback (MFSA 2017-19)

A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

8.1CVSS7.2AI score0.02136EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/08/24 6:45 a.m.6 views

Mozilla: Spoofing following page navigation with data: protocol and modal alerts (MFSA 2017-19)

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS7.4AI score0.01837EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/08/24 6:45 a.m.6 views

Mozilla: Buffer overflow viewing certificates with long OID (MFSA 2017-19)

A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier OID. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS7.5AI score0.03261EPSS
Exploits1References5
CNVD
CNVD
added 2017/08/17 12:0 a.m.2 views

Mozilla Firefox memory corruption vulnerability (CNVD-2017-223290)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A memory corruption vulnerability exists in versions of Mozilla Firefox prior to 55. A remote attacker can exploit this vulnerability to execute arbitrary code or corrupt memory...

9.8CVSS9.1AI score0.01909EPSS
Exploits0References1
OSV
OSV
added 2017/08/10 12:0 a.m.2 views

UBUNTU-CVE-2017-7799

JavaScript in the "about:webrtc" page is not sanitized properly being assigned to "innerHTML". Data on this page is supplied by WebRTC usage and is not under third-party control, making this difficult to exploit, but the vulnerability could possibly be used for a cross-site scripting XSS attack...

6.1CVSS6.7AI score0.01412EPSS
Exploits1References3
Rows per page
Query Builder