Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.7 views

SUSE CVE-2017-7822

The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox 56...

5.3CVSS8.5AI score0.01415EPSS
Exploits0References4
OSV
OSV
added 2018/06/11 9:29 p.m.2 views

CVE-2017-7820

The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...

5.3CVSS5.8AI score0.01188EPSS
Exploits1References4
OSV
OSV
added 2017/10/02 12:0 a.m.4 views

UBUNTU-CVE-2017-7811

Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 56...

9.8CVSS7.4AI score0.02275EPSS
Exploits1References4
OSV
OSV
added 2017/10/02 12:0 a.m.3 views

UBUNTU-CVE-2017-7820

The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This vulnerability affects...

5.3CVSS6.8AI score0.01188EPSS
Exploits1References4
CNVD
CNVD
added 2017/09/29 12:0 a.m.2 views

Mozilla Firefox File Download Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in WebExtensions in versions of Mozilla Firefox prior to 56. A remote attacker can exploit the vulnerability to download and potentially open non-executable file...

9.8CVSS8.6AI score0.01976EPSS
Exploits3References1
CNVD
CNVD
added 2017/09/29 12:0 a.m.3 views

Mozilla Firefox, Firefox ESR and Thunderbird Cross-Site Scripting Vulnerabilities

Mozilla Firefox, Firefox ESR and Thunderbird are all developed by the Mozilla Foundation.Firefox is an open source web browser, Firefox ESR is an extended support version of Firefox.Thunderbird is a standalone email client from the Mozilla Thunderbird is a separate email client from Mozilla...

5.4CVSS7.1AI score0.01469EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/29 12:0 a.m.2 views

Mozilla Firefox, Firefox ESR and Thunderbird Memory Misreference Vulnerability

Mozilla Firefox, Firefox ESR and Thunderbird are all developed by the Mozilla Foundation.Firefox is an open source web browser, Firefox ESR is an extended support version of Firefox.Thunderbird is a standalone email client from the Mozilla Thunderbird is a separate email client from Mozilla...

9.8CVSS8.7AI score0.02344EPSS
Exploits0References1
Rows per page
Query Builder