Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.3 views

SUSE CVE-2020-26961

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding...

6.1CVSS8.5AI score0.01151EPSS
Exploits0References15
OSV
OSV
added 2020/12/09 1:15 a.m.4 views

CVE-2020-26963

Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox 83...

4.3CVSS6.9AI score0.00839EPSS
Exploits0References2
OSV
OSV
added 2020/12/09 1:15 a.m.6 views

CVE-2020-26952

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

8.8CVSS7.4AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/11/30 11:12 p.m.3 views

Mozilla: XSS through paste (manual and clipboard API)

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

6.1CVSS7.3AI score0.01218EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:51 a.m.4 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.0127EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:48 a.m.4 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.0127EPSS
Exploits0References5
OSV
OSV
added 2020/11/17 12:0 a.m.4 views

UBUNTU-CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

6.1CVSS6.7AI score0.0069EPSS
Exploits0References5
Rows per page
Query Builder