Mozilla Firefox ESR < 52.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-16 advisory. - A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer...

EUVD-2017-16726

Malware in sbrugna...

EUVD-2018-20684

Malware in sbrugna...

BIT-NIFI-2022-29265 Improper Restriction of XML External Entity References in Multiple Components

Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML...

SUSE CVE-2017-7751

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

Use-After-Free

Mozilla Firefox is vulnerable to use-after-free vulnerability. This vulnerability exists in the nsDocumentViewer class in nsDocumentViewer.cpp that is triggered when handling content viewer listeners. An unauthenticated, remote attacker can exploit this to cause a denial of service condition or t...

CVE-2018-9081

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content...

CVE-2018-9081

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content...

CVE-2018-9081

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content...

Cross site scripting

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content...

CVE-2018-9081 Iomega and LenovoEMC NAS Web UI Vulnerabilities

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the file name used for assets accessible through the Content Viewer application are vulnerable to self cross-site scripting self-XSS. As a result, adversaries can add files to shares accessible from the Content...

CVE-2018-9081

CVE-2018-9081 affects Iomega, LenovoEMC NAS devices (4.1.402.34662 and earlier) with Content Viewer assets vulnerability enabling self-XSS via file names. Attackers could chain vulnerabilities (token theft, CSRF) to gain unauthorized shell access or escalate privilege on affected devices, impacti...

DEBIAN-CVE-2017-7751

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

CVE-2017-7751

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

CVE-2017-7751

CVE-2017-7751 is a use-after-free vulnerability in Mozilla Firefox and Thunderbird associated with content viewer listeners, affecting Firefox versions before 54, ESR before 52.2, and Thunderbird before 52.2. The underlying issue is a memory safety flaw that can lead to a potentially exploitable ...

Mozilla: Use-after-free with content viewer listeners (MFSA 2017-16)

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

Mozilla: Use-after-free with content viewer listeners (MFSA 2017-16)

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

CVE-2017-7751

A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

IBM WebSphere Portal Web Content Viewer Portlet Privilege Escalation (PI15723)

The version of IBM WebSphere Portal on the remote host is affected by a privilege escalation vulnerability in the Web Content Viewer portlet due to improper handling of JSP includes. A remote attacker is able to obtain sensitive information, cause a denial of service, or control the request...

IBM WebSphere Portal Web Content Viewer Portlet XSS (PM84525)

The version of WebSphere Portal on the remote host is affected by a cross-site scripting vulnerability. An attacker can inject arbitrary code into a user's browser which is then executed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; i...