Lucene search
K

89 matches found

RedHat Linux
RedHat Linux
added 2022/07/01 2:0 a.m.5 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 1:31 a.m.3 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 12:27 a.m.3 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/07/01 12:27 a.m.5 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/06/30 11:27 p.m.9 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/06/30 11:21 p.m.5 views

Mozilla: Unavailable PAC file resulted in OCSP requests being blocked

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that if a PAC URL was set and the server that hosts the PAC was not reachable, OCSP requests are blocked, resulting in incorrect error pages being shown...

4.3CVSS7.3AI score0.0058EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.2 views

Mozilla Firefox 代码问题漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox suffers from a code issue vulnerability that originates when an application configures a PAC URL and is unable to access the server hosting the PAC, OCSP requests are blocked, and the application displays a...

4.3CVSS7.4AI score0.0058EPSS
Exploits0References24
OSV
OSV
added 2022/01/20 2:15 a.m.6 views

CVE-2021-43269

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...

8.8CVSS7.5AI score0.01339EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/20 2:15 a.m.3 views

CVE-2021-43269

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...

8.8CVSS7.6AI score0.01339EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2022/01/19 8:0 a.m.5 views

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled as demonstrated by a large PAC file that is delivered without a Content-length header.

...

9.8CVSS8.3AI score0.03569EPSS
Exploits0
OSV
OSV
added 2021/08/24 7:15 p.m.5 views

CVE-2021-30966

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...

7.5CVSS5.8AI score0.01473EPSS
Exploits0References4
OSV
OSV
added 2020/09/30 6:15 p.m.8 views

AZL-7271 CVE-2020-26154 affecting package libproxy for versions less than 0.4.17-5

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

9.8CVSS7.7AI score0.03569EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/07/16 12:0 a.m.5 views

PT-2020-6589 · Libproxy +5 · Libproxy +5

Name of the Vulnerable Software and Affected Versions: libproxy versions prior to 0.4.16 Description: The issue is related to a buffer overflow in the url.cpp file of libproxy when PAC is enabled. This can be triggered by a large PAC file delivered without a Content-length header, potentially...

9.8CVSS9.5AI score0.04284EPSS
Exploits1References60
NVD
NVD
added 2019/05/08 5:29 p.m.17 views

CVE-2019-2047

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

10CVSS9.3AI score0.01362EPSS
Exploits0References1
OSV
OSV
added 2019/05/08 5:29 p.m.3 views

CVE-2019-2047

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

9.8CVSS6.4AI score0.01362EPSS
Exploits0References1
OSV
OSV
added 2019/05/08 5:29 p.m.2 views

CVE-2019-2045

In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

9.8CVSS7.8AI score0.01362EPSS
Exploits0References1
NVD
NVD
added 2019/05/08 5:29 p.m.21 views

CVE-2019-2046

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

10CVSS9.3AI score0.01334EPSS
Exploits0References1
Prion
Prion
added 2019/05/08 5:29 p.m.16 views

Integer overflow

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

10CVSS9.1AI score0.01334EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/05/08 5:29 p.m.16 views

Type confusion

In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

10CVSS9.1AI score0.01362EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/05/08 5:29 p.m.4 views

CVE-2019-2046

In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. This could lead to remote code execution in the proxy auto-config with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

9.8CVSS7.9AI score0.01334EPSS
Exploits0References1
Rows per page
Query Builder