Lucene search
K

251 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2017:1669-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.18756EPSS
Exploits29References6
Mozilla
Mozilla
added 2021/03/23 12:0 a.m.205 views

Security Vulnerabilities fixed in Firefox 87 — Mozilla

A transient execution vulnerability, named Floating Point Value Injection FPVI allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. A related vulnerability, Speculative Code Store Bypass SCSB, did not affect Firefox. A texture upload of a...

8.1CVSS0.8AI score0.01852EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2020/10/01 7:15 p.m.2 views

CVE-2020-15663

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to ...

8.8CVSS7.9AI score0.02716EPSS
Exploits0References6
NVD
NVD
added 2020/10/01 7:15 p.m.24 views

CVE-2020-15663

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to ...

9.3CVSS0.02716EPSS
Exploits0References6
Prion
Prion
added 2020/10/01 7:15 p.m.17 views

Code injection

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to ...

9.3CVSS8.3AI score0.02716EPSS
Exploits0References6Affected Software3
UbuntuCve
UbuntuCve
added 2020/10/01 7:15 p.m.28 views

CVE-2020-15663

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to ...

9.3CVSS7.8AI score0.02716EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2020/10/01 6:43 p.m.43 views

CVE-2020-15663

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to ...

9.3CVSS9.6AI score0.02716EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.25 views

Mozilla Firefox ESR Security Advisories (MFSA2020-36, MFSA2020-38) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.3CVSS8.9AI score0.02716EPSS
Exploits0References1
Veracode
Veracode
added 2020/08/31 3:45 a.m.31 views

Remote Code Execution (RCE)

Firefox is vulnerable to remote code execution RCE. If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by...

8.8CVSS6.3AI score0.02716EPSS
Exploits0References8Affected Software2
Mozilla
Mozilla
added 2020/08/25 12:0 a.m.50 views

Security Vulnerabilities fixed in Thunderbird 78.2 — Mozilla

If Thunderbird is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back...

9.3CVSS3.3AI score0.02716EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/09/27 6:15 p.m.2 views

CVE-2019-11753

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...

7.8CVSS7.1AI score0.00228EPSS
Exploits0References6
OSV
OSV
added 2019/09/27 6:15 p.m.3 views

CVE-2019-11736

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

7CVSS7.2AI score0.00209EPSS
Exploits0References6
NVD
NVD
added 2019/09/27 6:15 p.m.15 views

CVE-2019-11736

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

7CVSS6.4AI score0.00209EPSS
Exploits0References6
Prion
Prion
added 2019/09/27 6:15 p.m.19 views

Privilege escalation

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...

4.6CVSS7.7AI score0.00228EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2019/09/27 6:15 p.m.28 views

CVE-2019-11736

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

7CVSS7.1AI score0.00209EPSS
Exploits0References2
Prion
Prion
added 2019/09/27 6:15 p.m.21 views

Race condition

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

4.4CVSS7.1AI score0.00209EPSS
Exploits0References6Affected Software2
UbuntuCve
UbuntuCve
added 2019/09/27 6:15 p.m.17 views

CVE-2019-11753

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...

7.8CVSS6.8AI score0.00228EPSS
Exploits0References2
OSV
OSV
added 2019/09/27 6:15 p.m.5 views

UBUNTU-CVE-2019-11753

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the...

7.8CVSS6.9AI score0.00228EPSS
Exploits0References3
CVE
CVE
added 2019/09/27 5:20 p.m.221 views

CVE-2019-11736

CVE-2019-11736 describes a local-privilege-escalation vulnerability in the Mozilla Maintenance Service on Windows. The issue arises because the service does not guard against hardlinks in the updates directory, enabling replacement of local files (including the Maintenance Service executable) and...

7CVSS7.2AI score0.00209EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2019/09/27 5:20 p.m.18 views

CVE-2019-11736

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

7.4AI score0.00209EPSS
Exploits0References6
Rows per page
Query Builder