Lucene search
+L

109 matches found

NVD
NVD
added 2022/12/22 8:15 p.m.21 views

CVE-2022-31746

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...

6.5CVSS0.00412EPSS
Exploits0References2
Prion
Prion
added 2022/12/22 8:15 p.m.17 views

Spoofing

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...

4.3CVSS5.9AI score0.00412EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2022/12/22 8:15 p.m.38 views

CVE-2022-31746

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...

6.5CVSS6.6AI score0.00412EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.6 views

CVE-2022-1887

The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...

9.3AI score0.00581EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/12/22 12:0 a.m.24 views

CVE-2022-31746

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...

6.2AI score0.00412EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/12/22 12:0 a.m.51 views

CVE-2022-1887

The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...

9.8CVSS9.6AI score0.00581EPSS
Exploits0
CVE
CVE
added 2022/12/22 12:0 a.m.101 views

CVE-2022-31746

CVE-2022-31746 affects Firefox for iOS (versions prior to 102). The issue stems from a leaked secret UUID key via the Referrer header, which could allow an attacker to bypass internal URL protections and disclose protected information. The NVD/connected sources list an impact on integrity with a ...

6.5CVSS5.9AI score0.00412EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/12/22 12:0 a.m.39 views

CVE-2022-31746

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...

6.5CVSS6AI score0.00412EPSS
Exploits0
NVD
NVD
added 2021/06/24 2:15 p.m.27 views

CVE-2021-29958

When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS 34...

4.3CVSS0.00671EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/06/24 2:15 p.m.31 views

CVE-2021-29958

When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS 34...

4.3CVSS5.9AI score0.00671EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2021/06/24 1:16 p.m.35 views

CVE-2021-29958

When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS 34...

4.3CVSS4AI score0.00671EPSS
Exploits0
CNNVD
CNNVD
added 2021/06/01 12:0 a.m.5 views

github firefox-ios 信息泄露漏洞

github firefox-ios is a github open source application. Firefox for iOS is provided. An information disclosure vulnerability exists in github firefox-ios, which stems from the application outputting too much data during private browsing. When a client initiates a download, it does not check wheth...

4.3CVSS5.2AI score0.00671EPSS
Exploits0References3
NVD
NVD
added 2020/08/10 6:15 p.m.28 views

CVE-2020-15651

A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS 28...

4.3CVSS4AI score0.00582EPSS
Exploits0References2
NVD
NVD
added 2020/08/10 6:15 p.m.24 views

CVE-2020-15662

A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...

6.5CVSS5.9AI score0.00674EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2020/08/10 6:15 p.m.37 views

CVE-2020-15661

A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...

6.5CVSS6.6AI score0.00845EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/08/10 6:15 p.m.35 views

CVE-2020-15662

A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...

6.5CVSS6.6AI score0.00674EPSS
Exploits0References4
Prion
Prion
added 2020/08/10 6:15 p.m.23 views

Privilege escalation

A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS 28...

4.3CVSS4.1AI score0.00582EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/08/10 6:15 p.m.21 views

Design/Logic Flaw

A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...

4.3CVSS5.9AI score0.00845EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/08/10 6:15 p.m.20 views

Design/Logic Flaw

A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...

4.3CVSS5.8AI score0.00674EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/10 5:43 p.m.27 views

CVE-2020-15661

A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...

6AI score0.00845EPSS
Exploits0References2
Rows per page
Query Builder