Lucene search
K

380 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2011-1190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to...

5CVSS7.9AI score0.019EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-15652

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content...

6.5CVSS7.6AI score0.01263EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-4769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses...

5.9CVSS7.4AI score0.00366EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 4: thunderbird (TSSA-2024:0469)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0469 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.8CVSS8.3AI score0.72648EPSS
Exploits19References16
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 2: firefox (TSSA-2024:0250)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0250 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

8.8CVSS8.3AI score0.72648EPSS
Exploits18References7
RedhatCVE
RedhatCVE
added 2025/05/22 4:58 a.m.7 views

CVE-2011-2622

Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service application crash via unknown vectors...

5CVSS6.7AI score0.02196EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.38 views

CentOS 7 : thunderbird (RHSA-2024:2913)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2913 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability...

8.8CVSS8.2AI score0.72648EPSS
Exploits18References7
OSV
OSV
added 2024/07/05 11:8 a.m.3 views

OESA-2024-1786 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to crea...

8.8CVSS9.4AI score0.00759EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2024/06/12 12:0 a.m.38 views

Amazon Linux 2 : thunderbird (ALAS-2024-2561)

The version of thunderbird installed on the remote host is prior to 115.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2561 advisory. A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the...

8.8CVSS8.2AI score0.72648EPSS
Exploits18References14
Tenable Nessus
Tenable Nessus
added 2024/06/11 12:0 a.m.28 views

Amazon Linux 2 : firefox (ALASFIREFOX-2024-025)

The version of firefox installed on the remote host is prior to 115.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-025 advisory. A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the...

8.8CVSS8.2AI score0.72648EPSS
Exploits18References14
RedHat Linux
RedHat Linux
added 2024/06/10 7:47 p.m.6 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/06/10 7:39 p.m.7 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/05/23 12:9 p.m.3 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/05/21 12:0 a.m.30 views

AlmaLinux 9 : thunderbird (ALSA-2024:2888)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:2888 advisory. - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affec...

8.8CVSS8.2AI score0.72648EPSS
Exploits18References7
Veracode
Veracode
added 2024/05/20 12:38 p.m.18 views

Information Exposure

Firefox is vulnerable to Information Exposure. The vulnerability is due to error messages generated during importing resources using Web Workers, distinguish the difference between application/javascript responses and non-script responses. This can be abused to learn information cross-origin...

5.9CVSS6.7AI score0.00366EPSS
Exploits0References7Affected Software3
RedHat Linux
RedHat Linux
added 2024/05/20 8:7 a.m.6 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/05/20 7:56 a.m.5 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/05/20 6:1 a.m.5 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/05/20 2:11 a.m.4 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/05/20 2:10 a.m.7 views

Mozilla: Cross-origin responses could be distinguished between script and non-script content-types

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: When importing resources using Web Workers, error messages would distinguish the difference between application/javascript responses and non-script responses. This could have been abused to learn...

5.9CVSS7.2AI score0.00366EPSS
Exploits0References6
Rows per page
Query Builder