Lucene search
+L

6 matches found

OSV
OSV
added 2018/06/11 9:29 p.m.5 views

CVE-2018-5115

If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently loaded foreground page. Although the prompt contains the real domain making the request, this can result in user confusion about the originating site of the...

7.5CVSS7.2AI score0.02582EPSS
Exploits0References5
OSV
OSV
added 2018/06/11 9:29 p.m.3 views

CVE-2018-5119

The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox 58...

5.3CVSS7.3AI score0.01578EPSS
Exploits0References5
OSV
OSV
added 2018/06/11 9:29 p.m.7 views

CVE-2018-5113

The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox 58...

7.5CVSS7.2AI score0.02074EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/01/24 10:5 a.m.6 views

Mozilla: Integer overflow in Skia library during edge builder allocation (MFSA 2018-03)

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, a...

9.8CVSS7.4AI score0.04265EPSS
Exploits0References5
OSV
OSV
added 2018/01/23 12:0 a.m.5 views

UBUNTU-CVE-2018-5113

The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox 58...

7.5CVSS7.1AI score0.02074EPSS
Exploits0References4
OSV
OSV
added 2018/01/23 12:0 a.m.3 views

UBUNTU-CVE-2018-5094

A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox 58...

7.5CVSS7.4AI score0.15444EPSS
Exploits0References4
Rows per page
Query Builder