5 matches found
SUSE CVE-2020-6815
Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affec...
CVE-2020-6813
When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox 74...
Unspecified Vulnerability in Mozilla Firefox (CNVD-2020-18412)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 74. An attacker could exploit the vulnerability to spoof the chrome browser, steal credentials, or perform other attacks...
Cloud Foundry UAA SCIM Elevation of Privilege Vulnerability
UAA is a multi-tenant identity management service used in Cloud Foundry and can also be used as a standalone OAuth2 server. A SCIM blind injection elevation of privilege vulnerability exists in Cloud Foundry UAA versions prior to 74.1.0. The vulnerability stems from UAA allowing direct querying o...
cPanel cross-site scripting vulnerability (CNVD-2019-26167)
cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in cPanel versions prior to 74.0.0. The vulnerability stems from a lack of proper...