Lucene search
K

21 matches found

Veracode
Veracode
added 2019/05/02 5:41 a.m.30 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

10CVSS8.3AI score0.09027EPSS
Exploits0References20Affected Software1
Veracode
Veracode
added 2019/05/02 5:39 a.m.48 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

9.3CVSS8.6AI score0.07417EPSS
Exploits0References8Affected Software1
Veracode
Veracode
added 2019/05/02 5:39 a.m.40 views

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

7.5CVSS8.6AI score0.07417EPSS
Exploits0References21Affected Software2
Tenable Nessus
Tenable Nessus
added 2016/03/09 12:0 a.m.53 views

Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2904-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2904-1 advisory. Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able t...

10CVSS8.4AI score0.05992EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/01/27 4:23 a.m.39 views

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

10CVSS7.6AI score0.05992EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/04/01 1:17 p.m.59 views

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS7.7AI score0.67135EPSS
Exploits3References7
OpenVAS
OpenVAS
added 2013/10/13 12:0 a.m.29 views

Debian Security Advisory DSA 2779-1 (libxml2 - denial of service)

Aki Helin of OUSPG discovered many out-of-bounds read issues in libxml2, the GNOME project's XML parser library, which can lead to denial of service issues when handling XML documents that end abruptly. OpenVAS Vulnerability Test $Id: deb2779.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generat...

5CVSS0.2AI score0.04733EPSS
Exploits0References1
securityvulns
securityvulns
added 2012/05/21 12:0 a.m.69 views

[SECURITY] [DSA-2471-1] ffmpeg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2471-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 13, 2012 http://www.debian.org/security/faq -...

7.5CVSS2AI score0.04686EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2012/03/06 12:0 a.m.31 views

FreeBSD : chromium -- multiple vulnerabilities (99aef698-66ed-11e1-8288-00262d5ed8ee)

Google Chrome Releases reports : 105867 High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva. 108037 High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis. 108406 115471 High CVE-2011-3033: Buffer overflow in the Skia drawing library...

7.5CVSS8.3AI score0.02195EPSS
Exploits2References16
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2012/02/08 12:0 a.m.53 views

Stable Channel Update

The Chrome team is excited to announce the release of Chrome 17 to the Stable Channel for Windows, Mac, Linux and Chrome Frame. 17.0.963.46 contains a number of new features including: New Extensions APIs Updated Omnibox Prerendering Download Scanning Protection Many other small changes Security...

9.3CVSS8.2AI score0.02348EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/02/03 12:0 a.m.43 views

Debian DSA-2400-1 : iceweasel - several vulnerabilities

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. - CVE-2011-3670 Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, resulting i...

10CVSS8.9AI score0.07936EPSS
Exploits2References10
Mozilla
Mozilla
added 2011/12/20 12:0 a.m.38 views

Potentially exploitable crash in the YARR regular expression library — Mozilla

Security researcher Aki Helin reported a crash in the YARR regular expression library that could be triggered by javascript in web content...

7.5CVSS1.1AI score0.03732EPSS
Exploits0References3Affected Software3
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2011/10/25 12:0 a.m.66 views

Chrome Stable Release

The Google Chrome team is happy to announce the arrival of Chrome 15.0.874.102 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Chrome 15 contains some really great improvements including a new New Tab page. You can read about it more on the Google Chome blog. Security fixes and...

7.5CVSS6.4AI score0.0208EPSS
Exploits0Affected Software1
securityvulns
securityvulns
added 2011/10/01 12:0 a.m.71 views

Mozilla Foundation Security Advisory 2011-42

Mozilla Foundation Security Advisory 2011-42 Title: Potentially exploitable crash in the YARR regular expression library Impact: Critical Announced: September 27, 2011 Reporter: Aki Helin Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Thunderbird 7.0 SeaMonkey 2.4 Description...

9.3CVSS0.8AI score0.05007EPSS
Exploits1
Mozilla
Mozilla
added 2011/09/27 12:0 a.m.46 views

Potentially exploitable crash in the YARR regular expression library — Mozilla

Security researcher Aki Helin reported a potentially exploitable crash in the YARR regular expression library used by JavaScript...

9.3CVSS9.2AI score0.05007EPSS
Exploits1References3Affected Software3
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.21 views

CentOS Update for gzip CESA-2010:0061 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS7.9AI score0.04774EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2011/02/04 7:48 p.m.8 views

Google Ships Chrome 9, Plug Nine Security Holes

Google has officially released version 9.0.597.84 of its Chrome web browser to stable and beta channels for Windows, Mac and Linux, an update that addresses nine separate security vulnerabilities. According to Google’s Chrome Releases blog, one of the vulnerabilities is rated critical while two a...

0.8AI score
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2010/01/21 12:0 a.m.32 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : gzip vulnerabilities (USN-889-1)

It was discovered that gzip incorrectly handled certain malformed compressed files. If a user or automated system were tricked into opening a specially crafted gzip file, an attacker could cause gzip to crash or possibly execute arbitrary code with the privileges of the user invoking the program...

6.8CVSS8.2AI score0.04774EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/01/21 12:0 a.m.32 views

CentOS 3 / 4 / 5 : gzip (CESA-2010:0061)

An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gzip package provides the GNU gzip data compression program. An integer underfl...

6.8CVSS7.9AI score0.04774EPSS
Exploits0References7
Cent OS
Cent OS
added 2010/01/20 5:49 p.m.60 views

gzip security update

CentOS Errata and Security Advisory CESA-2010:0061 An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gzip package provides the GN...

6.8CVSS7.1AI score0.04774EPSS
Exploits0References9
Rows per page
Query Builder