Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-17001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document cross-site scripting...

6.1CVSS7.5AI score0.00802EPSS
Exploits0References2
OSV
OSV
added 2020/01/08 10:15 p.m.3 views

CVE-2019-17001

A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document cross-site scripting. This is a separate bypass from CVE-2019-17000.Note: This flaw only affected Firefox 69 and was not present in earlier versions.. This...

6.1CVSS7AI score0.00802EPSS
Exploits0References2
OSV
OSV
added 2020/01/08 9:15 p.m.4 views

DEBIAN-CVE-2019-11764

Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefo...

8.8CVSS8.9AI score0.0146EPSS
Exploits1References1
OSV
OSV
added 2019/09/27 6:15 p.m.2 views

CVE-2019-11736

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

7CVSS7.2AI score0.00209EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2019/09/16 2:39 p.m.23 views

Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images

A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a canvas element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft. This...

6.5CVSS7.3AI score0.01692EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/09/12 10:55 a.m.7 views

Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...

8.8CVSS7.4AI score0.01643EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/09/12 10:16 a.m.4 views

Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...

8.8CVSS7.4AI score0.01643EPSS
Exploits0References5
CNVD
CNVD
added 2019/09/05 12:0 a.m.3 views

Mozilla Firefox elevation of privilege vulnerability (CNVD-2019-30440)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An elevation of privilege vulnerability exists in previous versions of Firefox 69 on Windows-based platforms, which can be exploited by attackers to gain elevated privileges...

7CVSS8.9AI score0.00209EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/09/04 8:14 p.m.5 views

Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This...

8.8CVSS7.4AI score0.01643EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2019/09/04 9:21 a.m.2 views

Firefox 69 Now Blocks 3rd-Party Tracking Cookies and Cryptominers By Default

Mozilla has finally enabled the "Enhanced Tracking Protection" feature for all of its web browser users worldwide by default with the official launch of Firefox 69 for Windows, Mac, Linux, and Android. The company enabled the "Enhanced Tracking Protection" setting by default for its browser in Ju...

5.9AI score
Exploits0
OSV
OSV
added 2019/09/04 12:0 a.m.11 views

UBUNTU-CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

9.3CVSS7.3AI score0.01302EPSS
Exploits0References4
Rows per page
Query Builder