SUSE CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

Mozilla Firefox for Android Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Firefox for Android suffers from a security vulnerability that stems from the fact that if remote debugging via USB is enabled in versions of Android prior to 6.0, an untrusted application can connect ...

Authentication Bypass Vulnerability in GE PLC IC695CPE330

The GE PLC IC695CPE330 is a General Electric programmable logic controller. The GE PLC IC695CPE330 suffers from an authentication bypass vulnerability that can be exploited by an attacker to bypass privilege validation and gain access to all WEB content...

CVE-2016-5288

Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox 49.0.2...

Insecure Cross-Domain Policy (allow-access-from)

The browser security model normally prevents web content from one domain from accessing data from another domain. This is commonly known as the "same origin policy". URL policy files grant cross-domain permissions for reading data. They permit operations that are not permitted by default. The URL...

Microsoft Windows MHTML script injection vulnerability

Overview Microsoft Windows contains an script injection vulnerability in the MHTML protocol handler, which may allow an attacker to execute arbitrary script within the context of another website domain. Description Microsoft Windows contains a script injection vulnerability caused by the way MHTM...