CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

OSV•added 2023/06/02 5:15 p.m.•2 views

DEBIAN-CVE-2023-25729

Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already...

8.8CVSS7.9AI score0.00124EPSS

Exploits0References1

Prion•added 2023/06/02 5:15 p.m.•22 views

Design/Logic Flaw

6.8CVSS8AI score0.00124EPSS

Exploits0References4Affected Software3

CVE•added 2023/06/02 12:0 a.m.•169 views

CVE-2023-25729

CVE-2023-25729 involves a permissions prompt issue for external schemes that was only shown for ContentPrincipals, allowing extensions using ExpandedPrincipals to open them without user interaction. This could enable actions like downloading files or interacting with installed software. Affected:...

8.8CVSS8.1AI score0.00124EPSS

Exploits0References4Affected Software3

AlpineLinux•added 2023/06/02 12:0 a.m.•24 views

CVE-2023-25729

8.8CVSS8.4AI score0.00124EPSS

Exploits0

Debian CVE•added 2023/06/02 12:0 a.m.•33 views

CVE-2023-25729

8.8CVSS8.4AI score0.00124EPSS

Exploits0

Tenable Nessus•added 2023/05/30 12:0 a.m.•15 views

GLSA-202305-35 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-35 Mozilla Firefox: Multiple Vulnerabilities - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. CVE-2023-0767 -...

8.8CVSS8AI score0.00442EPSS

Exploits1References47