Lucene search
+L

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-11738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will...

6.8CVSS7.5AI score0.01447EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4122-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.0216EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2021/11/08 12:0 a.m.23 views

Mozilla Firefox Security Advisory (MFSA2019-25) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.8CVSS7.1AI score0.0216EPSS
Exploits3References23
RedhatCVE
RedhatCVE
added 2019/10/07 5:3 p.m.23 views

CVE-2019-11738

If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox 6...

6.8CVSS1.5AI score0.01447EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/10/04 12:0 a.m.37 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2019:2545-1)

This update for MozillaFirefox to 68.1 fixes the following issues : Security issues fixed : CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. bsc1140868 CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. bsc1149294 CVE-2019-11710: Fixed several memory...

9.8CVSS7.1AI score0.02574EPSS
Exploits5References80
NVD
NVD
added 2019/09/27 6:15 p.m.16 views

CVE-2019-11738

If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox 6...

6.8CVSS5.9AI score0.01447EPSS
Exploits1References5
OSV
OSV
added 2019/09/27 6:15 p.m.9 views

CVE-2019-11738

If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox 6...

6.3CVSS8.8AI score
Exploits0References5
CVE
CVE
added 2019/09/27 5:19 p.m.235 views

CVE-2019-11738

CVE-2019-11738 describes a Content Security Policy bypass in Firefox before 69 and Firefox ESR before 68.1: a hash-based CSP source that takes the empty string as input can allow execution of javascript: URIs, bypassing CSP permissions. Affected products: Firefox <69 and Firefox ESR

6.8CVSS6.8AI score0.01447EPSS
Exploits1References5Affected Software2
Debian CVE
Debian CVE
added 2019/09/27 5:19 p.m.20 views

CVE-2019-11738

If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox 6...

6.8CVSS7.7AI score0.01447EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/09/05 12:0 a.m.38 views

Mozilla Firefox < 69.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 69.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-25 advisory. - Mozilla developers and community members Randell Jesup, Philipp, Cosmin Sabou, and Natalia Csoregi reported...

9.8CVSS7.5AI score0.0216EPSS
Exploits3References22
Tenable Nessus
Tenable Nessus
added 2019/09/05 12:0 a.m.49 views

Mozilla Firefox < 69.0

The version of Firefox installed on the remote Windows host is prior to 69.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-25 advisory. - Mozilla developers and community members Randell Jesup, Philipp, Cosmin Sabou, and Natalia Csoregi reported memory safe...

9.8CVSS7.5AI score0.0216EPSS
Exploits3References22
OpenVAS
OpenVAS
added 2019/09/05 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-4122-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.0216EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2019/09/05 12:0 a.m.272 views

Mozilla Firefox ESR Security Advisories (MFSA2019-25, MFSA2019-27) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

9.3CVSS7.3AI score0.0216EPSS
Exploits2References1
ALT Linux
ALT Linux
added 2019/09/04 12:0 a.m.28 views

Security fix for the ALT Linux 10 package firefox-esr version 68.1.0-alt1

Sept. 4, 2019 Andrey Cherepanov 68.1.0-alt1 - New ESR version 68.1.0. - Fixed: + CVE-2019-11751 Malicious code execution through command line parameters + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea elements using innerHTML +...

9.3CVSS8.3AI score0.0216EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2019/09/04 12:0 a.m.27 views

CVE-2019-11738

If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox 6...

6.8CVSS7AI score0.01447EPSS
Exploits1References3
Rows per page
Query Builder