Lucene search
K

14 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.4 views

SUSE CVE-2021-4128

When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.This bug only affects Firefox on MacOS. Other operating systems are unaffected.. This vulnerability affects Firefox 95...

6.5CVSS8.8AI score0.00548EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.3 views

SUSE CVE-2021-38004

Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

4.3CVSS5.8AI score0.00842EPSS
Exploits0References4
OSV
OSV
added 2022/12/22 8:15 p.m.2 views

DEBIAN-CVE-2021-4129

Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes...

9.8CVSS9.1AI score0.01013EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2021/12/09 12:58 p.m.4 views

Mozilla: Bypass of CSP sandbox directive when embedding

Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.1CVSS7.4AI score0.01352EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/12/09 12:40 p.m.3 views

Mozilla: Denial of Service when using the Location API in a loop

Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS7.3AI score0.01597EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/12/09 12:40 p.m.2 views

Mozilla: External protocol handler parameters were unescaped

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS7.3AI score0.01576EPSS
Exploits0References4
OSV
OSV
added 2021/12/08 10:15 p.m.1 views

DEBIAN-CVE-2021-43541

When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS8.7AI score0.01576EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2021/12/08 10:16 a.m.3 views

Mozilla: Denial of Service when using the Location API in a loop

Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

6.5CVSS7.3AI score0.01597EPSS
Exploits0References4
OSV
OSV
added 2021/12/08 12:0 a.m.6 views

UBUNTU-CVE-2021-43538

By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 9...

4.3CVSS7.2AI score0.01158EPSS
Exploits0References8
OSV
OSV
added 2021/12/08 12:0 a.m.8 views

UBUNTU-CVE-2021-43537

An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

8.8CVSS7.3AI score0.0202EPSS
Exploits0References8
OSV
OSV
added 2021/12/08 12:0 a.m.10 views

UBUNTU-CVE-2021-43540

WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension. This vulnerability affects Firefox 95...

6.5CVSS6.8AI score0.00862EPSS
Exploits0References4
OSV
OSV
added 2021/11/23 10:15 p.m.2 views

DEBIAN-CVE-2021-37997

Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.2AI score0.00942EPSS
Exploits0References1
OSV
OSV
added 2021/11/02 10:15 p.m.1 views

DEBIAN-CVE-2021-37981

Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.7AI score0.01EPSS
Exploits0References1
OSV
OSV
added 2021/11/02 10:15 p.m.1 views

UBUNTU-CVE-2021-37991

Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

7.5CVSS7.2AI score0.0076EPSS
Exploits0References2
Rows per page
Query Builder