Lucene search
K

419 matches found

VulnCheck KEV
VulnCheck KEV
added 2022/08/15 12:0 a.m.2 views

VulnCheck KEV: CVE-2022-1802

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR 91.9.1, Firefox 100.0.2, Firefox for Android...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.38 views

Rocky Linux 8 : thunderbird (RLSA-2022:4769)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:4769 advisory. - If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of...

8.8CVSS9.1AI score0.26709EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/06/07 12:0 a.m.40 views

Amazon Linux 2 : thunderbird (ALAS-2022-1804)

The version of thunderbird installed on the remote host is prior to 91.9.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1804 advisory. The Mozilla Foundation Security Advisory describes this flaw as:An attacker could have sent a message to the parent...

8.8CVSS9.1AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 7:49 p.m.7 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 7:33 p.m.6 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 7:13 p.m.6 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 7:6 p.m.8 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 6:57 p.m.4 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 2:55 a.m.7 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/27 2:53 a.m.6 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/05/26 11:26 p.m.5 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
CISA KEV Catalog
CISA KEV Catalog
added 2022/05/25 12:0 a.m.19 views

Adobe Reader and Acrobat Sandbox Bypass Vulnerability

Adobe Reader and Acrobat on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context...

10CVSS9.2AI score0.2233EPSS
In wildExploits0
Tenable Nessus
Tenable Nessus
added 2022/05/25 12:0 a.m.39 views

SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2022:1830-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1830-1 advisory. Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 bsc1199768: - CVE-2022-1802: Prototyp...

8.8CVSS7.5AI score0.26709EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/05/24 4:41 p.m.6 views

Mozilla: Prototype pollution in Top-Level Await implementation

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/05/24 12:0 a.m.29 views

SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2022:1818-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1818-1 advisory. Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 bsc1199768: - CVE-2022-1802: Prototype pollution in Top-Level Await...

8.8CVSS7.5AI score0.26709EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/05/24 12:0 a.m.40 views

Debian DLA-3021-1 : firefox-esr - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3021 advisory. Manfred Paul discovered two security issues in the Mozilla Firefox web browser, which could result in the execution of arbitrary code. For Debian 9 stretch, these...

8.8CVSS9.1AI score0.26709EPSS
Exploits0References7
Ubuntu
Ubuntu
added 2022/05/23 1:49 p.m.86 views

USN-5434-1: Firefox vulnerabilities

It was discovered that the methods of an Array object could be corrupted as a result of prototype pollution by sending a message to the parent process. If a user were tricked into opening a specially crafted website, an attacker could exploit this to execute JavaScript in a privileged context...

8.8CVSS8.7AI score0.26709EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2022/05/23 9:19 a.m.51 views

CVE-2022-1802

The Mozilla Foundation Security Advisory describes this flaw as: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context...

8.8CVSS3.9AI score0.26709EPSS
Exploits0References4
OSV
OSV
added 2022/05/23 12:0 a.m.14 views

UBUNTU-CVE-2022-1802

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR 91.9.1, Firefox 100.0.2, Firefox for Android 100.3.0,...

8.8CVSS7.6AI score0.26709EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/05/23 12:0 a.m.31 views

Debian DSA-5143-1 : firefox-esr - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5143 advisory. - If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of...

8.8CVSS9.1AI score0.26709EPSS
Exploits0References8
Rows per page
Query Builder