Lucene search
K

12 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.3 views

SUSE CVE-2018-16067

A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS9.2AI score0.01408EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.3 views

SUSE CVE-2019-11734

Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 69...

9.8CVSS9.3AI score0.01295EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.4 views

SUSE CVE-2019-11741

A compromised sandboxed content process can perform a Universal Cross-site Scripting UXSS attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these site...

6.1CVSS8.2AI score0.00587EPSS
Exploits0References5
OSV
OSV
added 2019/09/27 6:15 p.m.2 views

CVE-2019-11734

Mozilla developers and community members reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 69...

9.8CVSS7.5AI score0.01295EPSS
Exploits0References2
OSV
OSV
added 2019/09/27 6:15 p.m.5 views

UBUNTU-CVE-2019-11751

Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. Note: this issue...

8.8CVSS7.4AI score0.01062EPSS
Exploits0References3
OSV
OSV
added 2019/09/27 6:15 p.m.5 views

UBUNTU-CVE-2019-11736

The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during...

7CVSS7.2AI score0.00209EPSS
Exploits0References3
CNVD
CNVD
added 2019/09/09 12:0 a.m.4 views

Mozilla Firefox and Mozilla Firefox ESR Sandbox Escape Vulnerability

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 69, Mozilla...

9.3CVSS8.8AI score0.01302EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/05 12:0 a.m.3 views

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2019-30446)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 69, which can be exploited by remote attackers to execute code in a user's browser with the help of a specially crafted...

6.1CVSS8.3AI score0.00587EPSS
Exploits0References1
CNVD
CNVD
added 2019/09/05 12:0 a.m.4 views

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2019-30447)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 69, which can be exploited by remote attackers to execute scripts in a user's browser...

6.1CVSS8.3AI score0.0145EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/09/04 8:14 p.m.6 views

Mozilla: Type confusion in Spidermonkey

A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. This vulnerability affects Firefox 69 and Firefox ESR 68.1...

6.5CVSS7.3AI score0.01262EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/09/04 8:14 p.m.4 views

Mozilla: Persistence of WebRTC permissions in a third party context

WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the...

6.5CVSS7.3AI score0.01031EPSS
Exploits0References5
CNVD
CNVD
added 2018/09/07 12:0 a.m.3 views

Google Chrome Security Bypass Vulnerability (CNVD-2019-03619)

Google Chrome is a web browser developed by Google Inc. Blink is a browser layout engine rendering engine jointly developed by Google Inc. and Opera Software of Norway. A security vulnerability exists in Blink in versions of Google Chrome prior to 69.0.3497.81. The vulnerability can be exploited ...

6.5CVSS7.1AI score0.0078EPSS
Exploits0References1
Rows per page
Query Builder