73 matches found
Astra Linux - уязвимость в firefox, thunderbird
If a Blob URL is loaded through some unusual user interaction, it may have been loaded by the system principal, granting additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
EUVD-2021-10919
Malware in sbrugna...
EUVD-2018-16894
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-23999
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should...
Fedora 42 : webkitgtk (2025-61ca72f430)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-61ca72f430 advisory. Update to 2.48.5. Changes since 2.48.3: Improve emoji font selection. Improve playback of multimedia streams from blob URLs. Fix crash when using a...
SUSE CVE-2013-5600
Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execut...
SUSE CVE-2015-6759
The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in Google Chrome before 46.0.2490.71, does not ensure that the origin of a LocalStorage resource is considered unique, which allows remote attackers to obtain sensitive information via vectors...
SUSE CVE-2017-5415
An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox 52...
SUSE CVE-2018-5108
A Blob URL can violate origin attribute segregation, allowing it to be accessed from a private browsing tab and for data to be passed between the private browsing tab and a normal tab. This could allow for the leaking of private information specific to the private browsing context. This issue is...
SUSE CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)
The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as...
CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
DEBIAN-CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
Code injection
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
CVE-2021-23999
CVE-2021-23999 describes a sandbox/privilege issue where a Blob URL loaded via an unusual user interaction could be executed with System Principal privileges, affecting Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox
CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
CVE-2021-23999
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
MGASA-2021-0198 Updated thunderbird packages fix security vulnerabilities
More internal network hosts could have been probed by a malicious webpage: Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine CVE-2021-23961. Out of...