Lucene search
+L

72 matches found

nessus
nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-26951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of...

6.1CVSS7.7AI score0.01038EPSS
Exploits0References2
openvas
openvas
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2020-0433)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.4AI score0.0245EPSS
Exploits1References5
openvas
openvas
added 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2020-0427)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.1AI score0.0245EPSS
Exploits1References5
openvas
openvas
added 2021/06/09 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2020:3383-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS7.9AI score0.5063EPSS
Exploits3References4
openvas
openvas
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2020:14548-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.6CVSS9.4AI score0.5063EPSS
Exploits3References6
nessus
nessus
added 2021/03/10 12:0 a.m.171 views

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0065)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...

9.8CVSS7.8AI score0.42327EPSS
Exploits5References18
nessus
nessus
added 2021/03/10 12:0 a.m.185 views

NewStart CGSL MAIN 6.02 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0081)

The remote NewStart CGSL host, running version MAIN 6.02, has thunderbird packages installed that are affected by multiple vulnerabilities: - In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This...

9.8CVSS7.8AI score0.42327EPSS
Exploits5References19
nessus
nessus
added 2021/02/01 12:0 a.m.64 views

CentOS 8 : firefox (CESA-2020:5237)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:5237 advisory. - Mozilla: Variable time processing of cross-origin images during drawImage calls CVE-2020-16012 - Mozilla: Parsing mismatches could confuse and bypass...

9.3CVSS7.4AI score0.0245EPSS
Exploits1References11
nessus
nessus
added 2021/01/25 12:0 a.m.106 views

openSUSE Security Update : MozillaFirefox (openSUSE-2020-2315)

This update for MozillaFirefox fixes the following issues : - Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...

9.6CVSS8AI score0.5063EPSS
Exploits3References13
nessus
nessus
added 2021/01/19 12:0 a.m.66 views

RHEL 8 : firefox (RHSA-2020:5314)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:5314 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.3CVSS7.6AI score0.0245EPSS
Exploits1References22
nessus
nessus
added 2021/01/07 12:0 a.m.142 views

Amazon Linux 2 : thunderbird (ALAS-2021-1586)

The version of thunderbird installed on the remote host is prior to 78.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1586 advisory. When drawing a transparent image on top of an unknown cross-origin image, the Skia library drawImage function took a...

9.3CVSS8.5AI score0.0245EPSS
Exploits1References35
opensuse
opensuse
added 2020/12/22 12:0 a.m.44 views

Security update for MozillaFirefox (important)

openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:2315-1 Rating: important References: 1178824 Cross-References: CVE-2020-15999 CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961...

9.6CVSS9.7AI score0.5063EPSS
Exploits3References1
centos
centos
added 2020/12/09 8:24 p.m.179 views

thunderbird security update

CentOS Errata and Security Advisory CESA-2020:5235 An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.3CVSS6.8AI score0.0245EPSS
Exploits1References7
centos
centos
added 2020/12/09 8:21 p.m.192 views

firefox security update

CentOS Errata and Security Advisory CESA-2020:5239 An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.3CVSS6.8AI score0.0245EPSS
Exploits1References7
osv
osv
added 2020/12/09 1:15 a.m.11 views

CVE-2020-26951

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.1CVSS7.8AI score
Exploits0References4
cvelist
cvelist
added 2020/12/09 12:19 a.m.18 views

CVE-2020-26951

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.6AI score0.01038EPSS
Exploits0References4
cve
cve
added 2020/12/09 12:19 a.m.286 views

CVE-2020-26951

CVE-2020-26951 involves a parsing and event loading mismatch in Firefox’s SVG code that could allow load events to fire after sanitization, potentially bypassing a built-in sanitizer. Affected products include Firefox < 83, Firefox ESR < 78.5, and Thunderbird

6.1CVSS6.5AI score0.01038EPSS
Exploits0References4Affected Software3
attackerkb
attackerkb
added 2020/12/09 12:0 a.m.242 views

CVE-2020-26951

A parsing and event loading mismatch in Firefox’s SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privileged internal pages could have used this attack to bypass our built-in sanitizer. This vulnerability...

6.1CVSS2.9AI score0.01038EPSS
Exploits0References5
nessus
nessus
added 2020/12/09 12:0 a.m.299 views

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:3548-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...

9.6CVSS8AI score0.5063EPSS
Exploits3References26
nessus
nessus
added 2020/12/09 12:0 a.m.73 views

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:3383-1)

This update for MozillaFirefox fixes the following issues : Firefox Extended Support Release 78.5.0 ESR bsc1178824 - CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code - CVE-2020-16012: Variable time processing of cross-origin images during...

9.6CVSS8AI score0.5063EPSS
Exploits3References26
Rows per page
Query Builder