Lucene search
K

8 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux - уязвимость в firefox

When dragging and dropping an image across origins, the size of the image may be leaked. This behavior was present in version 109 and caused web compatibility issues, as well as this security concern. Therefore, this behavior was disabled until further review. This vulnerability affects Firefox...

6.5CVSS6.7AI score0.00767EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-25741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility...

6.5CVSS7.5AI score0.00767EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/06/02 5:15 p.m.2 views

CVE-2023-25728

The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

6.5CVSS5.9AI score0.00672EPSS
Exploits0References5
OSV
OSV
added 2023/06/02 5:15 p.m.2 views

DEBIAN-CVE-2023-25739

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS8AI score0.00682EPSS
Exploits0References1
OSV
OSV
added 2023/06/02 5:15 p.m.3 views

DEBIAN-CVE-2023-25735

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS6.5AI score0.00716EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/17 2:5 a.m.5 views

SUSE CVE-2023-25729

Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already...

8.8CVSS6.3AI score0.00681EPSS
Exploits0References8
OSV
OSV
added 2023/02/15 12:0 a.m.2 views

UBUNTU-CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...

8.8CVSS7.1AI score0.00557EPSS
Exploits0References4
OSV
OSV
added 2023/02/15 12:0 a.m.3 views

UBUNTU-CVE-2023-25735

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8CVSS6.6AI score0.00716EPSS
Exploits0References7
Rows per page
Query Builder