Lucene search
+L

993 matches found

CNVD
CNVD
added 2016/02/02 12:0 a.m.1 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2016-00903)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in the browser engine of Mozilla Firefox versions prior to 44.0 a...

10CVSS9.2AI score0.05992EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2015/12/29 12:0 a.m.6 views

The vulnerability of the Firefox browser allows attackers to obtain confidential information, increase their privileges, or perform XSS attacks.

The vulnerability of Firefox browsers is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to enhance their privileges, carry out XSS attacks, or potentially obtain confidential information through a specially crafted website...

4CVSS7AI score0.01779EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/12/29 12:0 a.m.4 views

Vulnerability of Firefox and Firefox ESR browsers, which allows hackers to circumvent existing access restrictions policies

The vulnerability of Firefox and Firefox ESR browsers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions by using specially crafted data and URL schemes...

5CVSS7AI score0.06058EPSS
Exploits1References3Affected Software2
CNVD
CNVD
added 2015/12/18 12:0 a.m.3 views

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2015-08328)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the browser engine of Mozilla Firefox versions prior to 43.0. A remote attacker could exploit this vulnerability to cause a denial of service memory corruptio...

10CVSS9.1AI score0.05852EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/18 12:0 a.m.2 views

Mozilla Firefox Arbitrary Code Execution Vulnerability (CNVD-2015-08314)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox 42.0 and earlier versions, which is caused by the program failing to properly store properties of an unwrapped object. The vulnerability can b...

6.8CVSS9.2AI score0.03492EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/09 12:0 a.m.6 views

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-08009)

Internet Explorer is a web browser from Microsoft. A security vulnerability exists in Internet Explorer 11's handling of style attributes. By tampering with document elements, an attacker can force an array allocated by a CAttrArray object to be reused after release and then execute arbitrary cod...

9.3CVSS7.5AI score0.18763EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/07 12:0 a.m.4 views

Google Chrome Denial of Service Vulnerability (CNVD-2015-07978)

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in Google Chrome versions prior to 47.0.2526.73. An attacker can exploit this vulnerability to cause a denial of service...

10CVSS6.5AI score0.08115EPSS
Exploits2References1
OSV
OSV
added 2015/12/05 12:0 a.m.5 views

UBUNTU-CVE-2015-8478

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

7.5CVSS7.1AI score0.00628EPSS
Exploits0References4
CNVD
CNVD
added 2015/11/07 12:0 a.m.2 views

Mozilla Firefox and Firefox ESR Browser Engine Buffer Overflow Vulnerability

Mozilla Firefox is an open source web browser.Firefox ESR is an extended support version of Firefox. A security vulnerability exists in the browser engine of Mozilla Firefox that allows remote attackers to construct malicious WEB pages that can be tricked into parsing the application to perform...

7.5CVSS8.9AI score0.04219EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/11/04 12:10 p.m.2 views

Mozilla: Miscellaneous memory safety hazards (rv:38.4) (MFSA 2015-116)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

7.5CVSS7.8AI score0.04219EPSS
Exploits0References5
myhack58
myhack58
added 2015/10/08 12:0 a.m.23 views

Shopify trade platform facing RFD attacks, and not fix-bug warning-the black bar safety net

WebSegura researcher David Sopas found a reflection type file name download RFD)vulnerability, the vulnerability exists in the popular multi-channel trade platform Shopify, although he has to Shopify company sent a safety report, but it seems that the company did not find the vulnerability of the...

0.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/10/06 12:0 a.m.4 views

The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.

The vulnerability of the nsUnicodeToUTF8::GetMaxLength function in Firefox and Firefox ESR browsers is caused by buffer overflow. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...

7.5CVSS8.2AI score0.03497EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/10/01 12:0 a.m.7 views

The vulnerability of the iOS operating system allows a hacker to replace the content of web pages.

The vulnerability of the Safari browser on the iOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to replace the content of web pages by using the “open window” button on the website...

5CVSS5.5AI score0.01947EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2015/09/29 9:55 a.m.5 views

chromium-browser: Cross-origin bypass in V8

object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Origin Policy via a 1 observe or 2 getNotifier call...

7.5CVSS7.4AI score0.01757EPSS
Exploits1References5
OSV
OSV
added 2015/09/21 7:59 p.m.6 views

CVE-2015-6938

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

5.6AI score
Exploits0References12
OSV
OSV
added 2015/09/21 7:59 p.m.22 views

PYSEC-2015-24

Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...

4.3CVSS4AI score0.02768EPSS
Exploits1References11
0day.today
0day.today
added 2015/09/18 12:0 a.m.64 views

Aol account hijack sessions 0day

hijacking sessions replaying information, to gain access to other account details. Usage Info you will need firefox live http headers FIXED for replay and the method below. This is private exploit. You can buy it at https://0day.today...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/09/15 12:0 a.m.8 views

The vulnerability of Safari browser and iOS operating system allows a hacker to execute arbitrary code or trigger a service failure.

The vulnerability of the WebKit component in the Safari browser and the iOS operating system is caused by a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure through a specially crafted web page...

6.8CVSS8.3AI score0.02387EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.9 views

The vulnerability of Firefox and Firefox ESR browsers allows attackers to circumvent access control policies.

The vulnerability of Firefox and Firefox ESR browsers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass access control policies using the JSON.parse method...

5CVSS6.7AI score0.03366EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/08/28 12:0 a.m.8 views

The vulnerabilities in browsers Firefox, Firefox ESR, and the operating system Firefox OS allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the StyleAnimationValue class StyleAnimationValue::operator in Firefox browsers, Firefox ESR, and the Firefox OS operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrit...

7.5CVSS6.7AI score0.03825EPSS
Exploits0References3Affected Software3
Rows per page
Query Builder