Lucene search
+L

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.6 views

SUSE CVE-2020-26956

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

6.1CVSS8.4AI score0.01218EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.5 views

SUSE CVE-2020-26961

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding...

6.1CVSS8.5AI score0.01151EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2020/11/30 11:12 p.m.5 views

Mozilla: XSS through paste (manual and clipboard API)

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

6.1CVSS7.3AI score0.01218EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/11/30 8:48 a.m.6 views

Mozilla: Use-after-free in WebRequestService

During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

8.8CVSS7.4AI score0.0127EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/10/22 8:56 p.m.7 views

Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4

Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...

9.8CVSS7.5AI score0.02652EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 10:11 a.m.8 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
OSV
OSV
added 2020/07/09 3:15 p.m.0 views

DEBIAN-CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...

4.4CVSS6.3AI score0.00337EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/03 12:0 a.m.5 views

Mozilla Firefox Resource Management Error Vulnerability (CNVD-2020-43766)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A resource management error vulnerability exists in WebRTC VideoBroadcaster in versions of Mozilla Firefox prior to 78. An attacker can exploit this vulnerability to cause memory corruption and possibl...

9.3CVSS8.7AI score0.0135EPSS
Exploits1References1
OSV
OSV
added 2020/07/01 12:0 a.m.3 views

UBUNTU-CVE-2020-12426

Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 78...

8.8CVSS7.4AI score0.01616EPSS
Exploits1References5
OSV
OSV
added 2020/06/19 12:0 a.m.5 views

UBUNTU-CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...

4.4CVSS7.3AI score0.00337EPSS
Exploits0References5
Rows per page
Query Builder