Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2025/12/09 7:56 a.m.5 views

firefox: thunderbird: Spoofing issue in Firefox

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in Firefox...

3.4CVSS5.7AI score0.00256EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5280

Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code via bidirectional text...

9.8CVSS8AI score0.05037EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

8.8CVSS9.3AI score0.02414EPSS
Exploits0References11
OSV
OSV
added 2018/06/11 9:29 p.m.2 views

DEBIAN-CVE-2016-9905

A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR 45.6 and Thunderbird 45.6...

8.8CVSS8.7AI score0.024EPSS
Exploits1References1
OSV
OSV
added 2016/09/22 12:0 a.m.2 views

UBUNTU-CVE-2016-5281

Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document...

9.8CVSS7.7AI score0.05037EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/09/21 7:47 a.m.4 views

Mozilla: Add-on update site certificate pin expiration (MFSA 2016-85, MFSA 2016-86)

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org...

7.4CVSS7.5AI score0.02373EPSS
Exploits0References6
OSV
OSV
added 2016/03/13 6:59 p.m.2 views

DEBIAN-CVE-2016-1977

The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...

8.8CVSS8.8AI score0.02912EPSS
Exploits0References1
OSV
OSV
added 2016/03/13 6:59 p.m.5 views

UBUNTU-CVE-2016-1969

The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted Graphite smart font...

8.8CVSS7.4AI score0.01665EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.11 views

Mozilla: Miscellaneous memory safety hazards (rv:38.7) (MFSA 2016-16)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

8.8CVSS7.8AI score0.0299EPSS
Exploits0References5
Rows per page
Query Builder