Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5408

Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

5.3CVSS5.9AI score0.02631EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

8.8CVSS9.3AI score0.02414EPSS
Exploits0References11
OSV
OSV
added 2018/06/11 9:29 p.m.2 views

CVE-2017-5428

An integer overflow in "createImageBitmap" was reported through the Pwn2Own contest. The fix for this vulnerability disables the experimental extensions to the "createImageBitmap" API. This function runs in the content sandbox, requiring a second vulnerability to compromise a user's computer. Thi...

9.8CVSS7.3AI score0.02802EPSS
Exploits1References5
OSV
OSV
added 2018/06/11 9:29 p.m.4 views

CVE-2017-5411

A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in "libGLES", which is only in use on...

7.5CVSS7.3AI score
Exploits0References5
OSV
OSV
added 2017/03/07 12:0 a.m.3 views

UBUNTU-CVE-2017-5417

When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects...

5.3CVSS6.8AI score0.0111EPSS
Exploits0References4
OSV
OSV
added 2017/03/07 12:0 a.m.3 views

UBUNTU-CVE-2017-5415

An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox 52...

5.3CVSS6.9AI score0.12587EPSS
Exploits2References4
OSV
OSV
added 2017/03/07 12:0 a.m.3 views

UBUNTU-CVE-2017-5419

If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service DOS attack. This vulnerability affects Firefox 52 and Thunderbird 52...

7.5CVSS7AI score0.02365EPSS
Exploits1References4
Rows per page
Query Builder