34 matches found
EUVD-2019-3393
Malware in sbrugna...
EUVD-2011-2969
Malware in sbrugna...
EUVD-2015-4518
Malware in sbrugna...
EUVD-2022-30946
Malicious code in bioql PyPI...
CVE-2023-26691
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on...
CVE-2023-26691
Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on...
WordPress Formidable Forms Plugin < 6.3.1 RCE Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:strategy11:formidableformbuilder"; ifdescription...
SUSE CVE-2019-11723
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...
Design/Logic Flaw
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
ROS-20220314-01
Vulnerability in Mozilla Firefox browser, related to a logic error in iframe processing. Exploitation the vulnerability could allow an attacker acting remotely and who has the ability to control the contents of an isolated iframe program environment , allow-popups, but not allow-scripts, could...
Debian DLA-2942-1 : firefox-esr - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2942 advisory. - If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, woul...
UBUNTU-CVE-2022-26387
When installing an add-on, Firefox verified the signature before prompting the user; but while the user was confirming the prompt, the underlying add-on file could have been modified and Firefox would not have noticed. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
Updated firefox packages fix security vulnerabilities
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash CVE-2022-26381. When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification CVE-2022-26383. If an attacker coul...
CVE-2019-11723
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...
Design/Logic Flaw
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...
CVE-2019-11723
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...
CVE-2019-11723
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension. This...
Mozilla Firefox ESR Security Bypass Vulnerability (Sep 2015) - Windows
Mozilla Firefox ESR is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20150827)
A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2015-4497 A flaw was found in the way Firefox handled installation of...