Lucene search
K

48 matches found

OpenVAS
OpenVAS
added 2021/02/24 12:0 a.m.20 views

Mozilla Firefox ESR Security Advisories (MFSA2021-07, MFSA2021-09) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

8.8CVSS8.2AI score0.0153EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2021/02/23 12:0 a.m.44 views

KLA12091 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A memory safety vulnerability can be exploited to execute arbitrary code. 2. A...

8.8CVSS8.6AI score0.0153EPSS
Exploits0References3
Prion
Prion
added 2020/10/01 7:15 p.m.29 views

Code injection

When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...

4.3CVSS6.4AI score0.01234EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2020/10/01 6:42 p.m.160 views

CVE-2020-15666

CVE-2020-15666 affects Firefox before 80 (desktop and Android); the issue is an information-disclosure vulnerability where loading a non-video in an audio/video context leaks the exact HTTP status code via the MediaError Message. This could enable login-status inference to services or local-netwo...

6.5CVSS6.3AI score0.01234EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinux
added 2020/10/01 6:42 p.m.44 views

CVE-2020-15666

When trying to load a non-video in an audio/video context the exact status code 200, 302, 404, 500, 412, 403, etc. was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status ...

6.5CVSS6.7AI score0.01234EPSS
Exploits1
Mozilla
Mozilla
added 2020/09/02 12:0 a.m.105 views

Security Vulnerabilities fixed in Firefox for Android 80 — Mozilla

By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...

6.5CVSS8.2AI score0.01449EPSS
Exploits1References8Affected Software1
Veracode
Veracode
added 2020/08/31 3:45 a.m.28 views

Information Disclosure

firefox is vulnerable to information disclosure. The vulnerability exists as the MediaError message property leaks cross-origin response status when trying to load a non-video in an audio/video context...

6.5CVSS1.4AI score0.01234EPSS
Exploits1References3Affected Software6
Kaspersky
Kaspersky
added 2020/08/25 12:0 a.m.97 views

KLA11942 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...

9.3CVSS9.5AI score0.02716EPSS
Exploits2References3
Rows per page
Query Builder