Lucene search
+L

88 matches found

ATTACKERKB
ATTACKERKB
added 2022/09/20 9:15 p.m.2 views

CVE-2022-32868

A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions...

4.3CVSS5.7AI score0.00848EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/09/20 12:0 a.m.35 views

CVE-2022-32868

A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions...

5.3AI score0.00848EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/09/12 12:0 a.m.5 views

PT-2022-21539 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: Safari versions prior to 16 iOS versions prior to 16 iOS versions prior to 15.7 iPadOS versions prior to 15.7 Description: A logic issue was addressed with improved state management, which could allow a website to track users through Safari w...

4.3CVSS3.9AI score0.00848EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2022/03/28 12:0 a.m.21 views

Mozilla Firefox Security Advisories (MFSA2021-48, MFSA2021-49) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS7.7AI score0.0383EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/03/28 12:0 a.m.22 views

Mozilla Firefox Security Advisories (MFSA2021-48, MFSA2021-49) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS7.7AI score0.0383EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2022/02/14 8:53 a.m.5 views

Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages

The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...

8.8CVSS7.3AI score0.00743EPSS
Exploits0References6
OSV
OSV
added 2021/12/08 10:15 p.m.2 views

CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS7.3AI score0.00329EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/12/08 10:15 p.m.34 views

CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS5.8AI score0.00329EPSS
Exploits0References4
OSV
OSV
added 2021/12/08 10:15 p.m.11 views

UBUNTU-CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

4.3CVSS5.8AI score0.00329EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.15 views

Mozilla Firefox Security Advisory (MFSA2016-46) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

5.4CVSS7AI score0.01252EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2021/11/02 12:0 a.m.115 views

KLA12335 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, perform cross-site scripting attack. Below is a complete...

10CVSS9.4AI score0.0383EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/11/02 12:0 a.m.13 views

PT-2021-7411 · Mozilla +2 · Firefox +2

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 94 Description: The issue is related to a same-origin-violation in the context of Web Extensions, where a Web Extension could access the post-redirect URL of an element clicked, potentially leaking data it should not...

10CVSS8.1AI score0.26709EPSS
Exploits38References454
OSV
OSV
added 2020/07/29 4:40 p.m.3 views

USN-4443-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary...

9.3CVSS7AI score0.0779EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2020/03/12 12:0 a.m.29 views

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-4299-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4299-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...

9.8CVSS7.9AI score0.03191EPSS
Exploits2References13
Ubuntu
Ubuntu
added 2020/03/11 9:53 p.m.96 views

USN-4299-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy CSP...

9.8CVSS7.7AI score0.03191EPSS
Exploits2
OSV
OSV
added 2019/02/12 2:59 p.m.8 views

SUSE-SU-2019:0338-1 Security update for MozillaThunderbird

This update for MozillaThunderbird to version 60.5 fixes the following issues: Security vulnerabilities addressed MSFA 2019-03 MSFA 2018-31 bsc1122983 bsc1119105: CVE-2018-18500: Use-after-free parsing HTML5 stream CVE-2018-18505: Privilege escalation through IPC channel messages CVE-2016-5824 Do...

10CVSS9.4AI score0.12658EPSS
Exploits1References13
OSV
OSV
added 2018/10/18 1:29 p.m.2 views

CVE-2018-12369

WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR 60.1 and Firefox 61...

9.8CVSS7.3AI score0.02522EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/08/21 12:0 a.m.29 views

Mozilla Firefox < 59 Multiple Vulnerabilities

Binary data 700328.prm...

9.8CVSS7.3AI score0.12054EPSS
Exploits2References21
OSV
OSV
added 2018/05/11 12:0 a.m.5 views

UBUNTU-CVE-2018-5166

WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox 60...

7.5CVSS7.2AI score0.02433EPSS
Exploits0References4
OSV
OSV
added 2017/02/08 12:11 p.m.8 views

SUSE-SU-2017:0426-1 Security update for MozillaFirefox

MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues bsc1021991: MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects bsc1021818 MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder bsc1021821 MFSA 2017-02/CVE-2017-5386: WebExtensions can use...

9.8CVSS8.3AI score0.33199EPSS
Exploits16References20
Rows per page
Query Builder