Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2020/01/08 10:15 p.m.1 views

DEBIAN-CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

9.3CVSS7AI score0.00281EPSS
Exploits0References1
Cvelist
Cvelistadded 2019/09/27 5:18 p.m.10 views

CVE-2019-11741

A compromised sandboxed content process can perform a Universal Cross-site Scripting UXSS attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these site...

6.8AI score0.00243EPSS
Exploits0References2
CVE
CVEadded 2019/09/27 5:18 p.m.137 views

CVE-2019-11741

CVE-2019-11741 affects Mozilla Firefox before version 69.0. a UXSS risk arises from a compromised sandboxed content process that can load content from sites like addons.mozilla.org and accounts.firefox.com in the same process, enabling potential manipulation of Firefox settings. The public docs c...

6.1CVSS6.6AI score0.00243EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2019/09/27 5:18 p.m.23 views

CVE-2019-11741

A compromised sandboxed content process can perform a Universal Cross-site Scripting UXSS attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these site...

6.1CVSS7.9AI score0.00243EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2019/09/12 10:55 a.m.3 views

Mozilla: Sandbox escape through Firefox Sync

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

9.3CVSS7.3AI score0.00281EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2019/09/04 8:14 p.m.3 views

Mozilla: Sandbox escape through Firefox Sync

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

9.3CVSS7.3AI score0.00281EPSS
Exploits0References5
OSV
OSVadded 2019/09/04 12:0 a.m.3 views

UBUNTU-CVE-2019-9812

Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the...

9.3CVSS7.3AI score0.00281EPSS
Exploits0References4
Rows per page
Query Builder