Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 6:7 a.m.3 views

SUSE CVE-2008-2803

The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from 1 file: URIs, 2 data: URIs, or 3 certain non-canonical chrome: URIs, which allows remote attacker...

6.8CVSS7.8AI score0.06393EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2022/08/01 9:19 a.m.2 views

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

5.3CVSS7.2AI score0.00207EPSS
Exploits0References5
OSV
OSVadded 2018/11/14 3:29 p.m.1 views

CVE-2018-17472

Incorrect handling of googlechrome:// URL scheme on iOS in Intents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to escape the sandbox via a crafted HTML page...

9.6CVSS7.4AI score
Exploits0References4
OSV
OSVadded 2015/12/06 1:59 a.m.0 views

UBUNTU-CVE-2015-6779

PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs, which allows remote attackers to bypass intended scheme restrictions via a crafted PDF document, as demonstrated by a document with a link to a chrome://settings URL...

4.3CVSS7.2AI score0.00597EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2008/07/07 11:41 p.m.2 views

CVE-2008-2803

The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from 1 file: URIs, 2 data: URIs, or 3 certain non-canonical chrome: URIs, which allows remote attacker...

6.8CVSS6.2AI score0.06393EPSS
Exploits1References56
RedHat Linux
RedHat Linuxadded 2008/02/08 2:24 a.m.2 views

chrome: directory traversal

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...

4.3CVSS7.5AI score0.38662EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2008/02/08 2:13 a.m.1 views

chrome: directory traversal

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome: URI scheme, as demonstrated by stealing sessio...

4.3CVSS7.5AI score0.38662EPSS
Exploits0References4
Rows per page
Query Builder