CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to read arbitrary files via crafted JavaScript code...

4.3CVSS8.8AI score0.00628EPSS

Exploits0References14

Veracode•added 2017/06/01 4:48 a.m.•13 views

Autofill Passwords

Moodle is vulnerable to autofilled passwords. The form-autocompletion functionality reveals passwords in a non-password field on the create groups page. This only occurs when used on the safari browser on an iPad device...

2.1CVSS6AI score0.00068EPSS

Exploits0References6Affected Software1

Mageia•added 2015/04/03 1:11 p.m.•51 views

Updated iceape packages fix security vulnerabilities

Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors. CVE-2015-0835...

7.5CVSS9.5AI score0.03173EPSS

Exploits0References16

CVE•added 2015/02/25 11:0 a.m.•162 views

CVE-2015-0822

CVE-2015-0822 affects Mozilla Firefox (before 36.0) and Thunderbird (before 31.5). The flaw is in the Form Autocompletion feature, where crafted JavaScript can cause a remote attacker to read arbitrary local files. Public entries in multiple advisories confirm affected products and versions (Fire...

4.3CVSS9.2AI score0.00628EPSS

Exploits0References22Affected Software1

OSV•added 2015/02/25 12:0 a.m.•0 views

UBUNTU-CVE-2015-0822

4.3CVSS7AI score0.00628EPSS

Exploits0References5

UbuntuCve•added 2015/02/25 12:0 a.m.•24 views

CVE-2015-0822

4.3CVSS7AI score0.00628EPSS

Exploits0References4

NVD•added 2012/07/17 10:20 a.m.•10 views

CVE-2012-0800

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on...

2.1CVSS6.2AI score0.00068EPSS

Exploits0References3

UbuntuCve•added 2012/07/17 10:20 a.m.•18 views

CVE-2012-0800

2.1CVSS5.9AI score0.00068EPSS

Exploits0References2

Prion•added 2012/07/17 10:20 a.m.•11 views

Design/Logic Flaw

2.1CVSS6.8AI score0.00068EPSS

Exploits0References3Affected Software1

Cvelist•added 2012/07/17 10:0 a.m.•12 views

CVE-2012-0800

6.2AI score0.00068EPSS

Exploits0References3

CVE•added 2012/07/17 10:0 a.m.•51 views

CVE-2012-0800

CVE-2012-0800 affects Moodle: form-autocompletion on Moodle 2.0.x (before 2.0.7), 2.1.x (before 2.1.4), and 2.2.x (before 2.2.1) allows reading a password from a non-password field on a create-groups page, demonstrated with Safari on an iPad. Root cause: autofill exposure of password data in non-...

2.1CVSS6.2AI score0.00068EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2012/07/17 12:0 a.m.•2 views

PT-2012-2877 · Moodle · Moodle

Name of the Vulnerable Software and Affected Versions: Moodle versions 2.0.x through 2.0.6 Moodle versions 2.1.x through 2.1.3 Moodle versions 2.2.x through 2.2.0 Description: The form-autocompletion functionality makes it easier for physically proximate attackers to discover passwords by reading...

2.1CVSS6.1AI score0.00068EPSS

Exploits0References5

NVD•added 2011/05/07 6:55 p.m.•16 views

CVE-2011-0067

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls...

5CVSS6.2AI score0.0052EPSS

Exploits1References8

UbuntuCve•added 2011/05/04 12:0 a.m.•24 views

CVE-2011-0067

5CVSS5.9AI score0.0052EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by