Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Prion
Prionadded 2011/11/09 11:55 a.m.16 views

Design/Logic Flaw

Mozilla Firefox 7.0 and Thunderbird 7.0, when the Direct2D aka D2D API is used on Windows in conjunction with the Azure graphics back-end, allow remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data into a canvas. NOTE:...

2.6CVSS6.5AI score0.00379EPSS
Exploits1References5Affected Software2
Prion
Prionadded 2011/08/18 6:55 p.m.22 views

Design/Logic Flaw

Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products, when the Direct2D aka D2D API is used on Windows, allows remote attackers to bypass the Same Origin Policy, and obtain sensitive image data from a different domain, by inserting this data...

5CVSS6.6AI score0.00379EPSS
Exploits1References7Affected Software3
CVE
CVEadded 2011/08/18 6:0 p.m.111 views

CVE-2011-2986

CVE-2011-2986 affects Mozilla Firefox 4.x–5, Thunderbird before 6, and SeaMonkey 2.x before 2.3 on Windows when using Direct2D. The issue allows cross‑origin data theft by inserting image data from a different domain into a canvas, potentially bypassing the Same Origin Policy. Root cause, as stat...

5CVSS9.2AI score0.00379EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder