Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.6 views

SUSE CVE-2020-26956

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

6.1CVSS8.4AI score0.01218EPSS
Exploits0References15
OSV
OSV
added 2020/07/09 3:15 p.m.0 views

DEBIAN-CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...

4.4CVSS6.3AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2020/03/13 12:0 a.m.3 views

Mozilla Firefox Memory Corruption Vulnerability (CNVD-2020-18408)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 73. An attacker can exploit the vulnerability to corrupt memory, elevate privileges or possibly execute arbitrary code...

9.8CVSS9.2AI score0.01327EPSS
Exploits0References1
OSV
OSV
added 2020/01/08 10:15 p.m.2 views

CVE-2019-17001

A Content-Security-Policy that blocks in-line scripts could be bypassed using an object tag to execute JavaScript in the protected document cross-site scripting. This is a separate bypass from CVE-2019-17000.Note: This flaw only affected Firefox 69 and was not present in earlier versions.. This...

6.1CVSS7AI score0.00802EPSS
Exploits0References2
CNVD
CNVD
added 2019/10/23 12:0 a.m.2 views

Unspecified Vulnerability in Mozilla Firefox and Mozilla Firefox ESR

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Firefox versions prior to Firefox 70 and...

5.8CVSS8.8AI score0.00791EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/15 12:0 a.m.3 views

Cloud Foundry UAA Information Disclosure Vulnerability

Cloud Foundry UAA is an authentication and managed service endpoint for the CloudFoundry cloud platform from the Cloud Foundry Foundation in the United States. A security vulnerability exists in Cloud Foundry UAA versions prior to 73.3.0 that stems from the endpoint not being properly escaped. An...

6.5CVSS6.8AI score0.01006EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/19 12:0 a.m.11 views

Google Chrome Blink Information Disclosure Vulnerability (CNVD-2018-24370)

Google Chrome is a web browser developed by Google Inc. Blink is a browser layout engine rendering engine jointly developed by Google Inc. and Opera Software of Norway. A security vulnerability exists in Blink in Google Chrome versions prior to 70.0.3538.67. The vulnerability can be exploited by ...

6.5CVSS7AI score0.01446EPSS
Exploits0References1
Rows per page
Query Builder