RHEL 9 : firefox (RHSA-2024:1487)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1487 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 9 : firefox (RHSA-2024:1483)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1483 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 8 : firefox (RHSA-2024:1491)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1491 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Mozilla Firefox Security Update (MFSA2024-15) - Windows
Mozilla Firefox is prone to multiple vulnerabilities.
RHEL 8 : firefox (RHSA-2024:1484)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1484 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
RHEL 9 : firefox (RHSA-2024:1485)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1485 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Privilege Escalation
Firefox is vulnerable to privilege escalation. The vulnerability is due to the unauthorized injection of an event handler into a privileged object, leading to arbitrary JavaScript execution in the parent process...
SUSE CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox 124.0.1 and...
Debian dsa-5645 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5645 advisory. Debian Security Advisory DSA-5645-1...
Slackware Linux 15.0 / current mozilla-firefox Vulnerability (SSA:2024-083-01)
The version of mozilla-firefox installed on the remote host is prior to 115.9.1esr. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-083-01 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript executi...
CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox 124.0.1 and...
CVE-2024-29944
The CVE-2024-29944 issue affects Mozilla Firefox on desktop (not mobile), allowing an attacker to inject an event handler into a privileged object to achieve arbitrary JavaScript execution in the parent process. Affects Firefox versions older than 124.0.1 and Firefox ESR older than 115.9.1; multi...
UBUNTU-CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox 124.0.1 and...
Mozilla Firefox < 124.0.1
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 124.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-15 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary...
Mozilla Firefox < 124.0.1
The version of Firefox installed on the remote Windows host is prior to 124.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-15 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript...
Mozilla Firefox ESR < 115.9.1
The version of Firefox ESR installed on the remote Windows host is prior to 115.9.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-16 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution ...
Mozilla Firefox ESR < 115.9.1
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.9.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-16 advisory. - An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript...
GHSA-FH7P-5F6G-VJ2W Stored Cross-Site Scripting (XSS) vulnerability in GeoServer's REST Resources API
Summary: A stored cross-site scripting (XSS) vulnerability exists that enables an authenticated administrator with workspace-level privileges to store a JavaScript payload in uploaded style/legend resources that will execute in the context of another administrator's browser when viewed in the REST...