Lucene search
K

16 matches found

UbuntuCve
UbuntuCve
added 2019/02/28 6:29 p.m.23 views

CVE-2018-12391

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.3CVSS7.1AI score0.02093EPSS
Exploits0References3
Prion
Prion
added 2019/02/28 6:29 p.m.24 views

Memory corruption

Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...

7.5CVSS9.6AI score0.03202EPSS
Exploits0References15Affected Software11
Prion
Prion
added 2019/02/28 6:29 p.m.20 views

Design/Logic Flaw

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This...

3.6CVSS7AI score0.00368EPSS
Exploits0References11Affected Software8
Cvelist
Cvelist
added 2019/02/28 6:0 p.m.20 views

CVE-2018-12395

By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR 60.3 and Firefox 63...

7.2AI score0.02851EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2019/02/28 6:0 p.m.13 views

CVE-2018-12397

A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This...

7.1CVSS8.4AI score0.00368EPSS
Exploits0
Debian CVE
Debian CVE
added 2019/02/28 6:0 p.m.29 views

CVE-2018-12391

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.3CVSS9.1AI score0.02093EPSS
Exploits0
OSV
OSV
added 2018/12/11 12:0 a.m.2 views

UBUNTU-CVE-2018-12405

Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects...

9.8CVSS7.4AI score0.03202EPSS
Exploits0References6
Mozilla
Mozilla
added 2018/12/11 12:0 a.m.69 views

Security vulnerabilities fixed in Firefox 64 — Mozilla

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. This results in a potentially exploitable crash. A buffer overflow and out-of-bounds read can occur in TextureStorage11 within the...

9.8CVSS1.3AI score0.09646EPSS
Exploits0References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/11/11 12:0 a.m.31 views

RHEL 7 : thunderbird (RHSA-2018:3532)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:3532 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.3.0. Security Fixes: Mozilla:...

9.8CVSS8.4AI score0.03924EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2018/11/09 11:54 a.m.507 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS7.3AI score0.03924EPSS
Exploits0References5
Mozilla
Mozilla
added 2018/10/31 12:0 a.m.502 views

Security vulnerabilities fixed in Thunderbird ESR 60.3 — Mozilla

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.8CVSS0.03924EPSS
Exploits0References5Affected Software1
Mageia
Mageia
added 2018/10/27 9:45 a.m.50 views

Updated firefox packages fix security vulnerabilities

Updated firefox packages fix security vulnerabilities: Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 CVE-2018-12389. Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12390. Mozilla: Crash with nested event loops CVE-2018-12392. Mozilla: Integer overflow during...

9.8CVSS1.2AI score0.03924EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.26 views

CentOS Update for firefox CESA-2018:3005 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.03924EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/10/25 12:0 a.m.30 views

RHEL 6 : firefox (RHSA-2018:3006)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:3006 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

9.8CVSS8.2AI score0.03924EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2018/10/24 12:0 a.m.24 views

CVE-2018-12395

By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR 60.3 and Firefox 63...

7.5CVSS6.9AI score0.02851EPSS
Exploits0References4
Mozilla
Mozilla
added 2018/10/23 12:0 a.m.524 views

Security vulnerabilities fixed in Firefox ESR 60.3 — Mozilla

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.8CVSS0.1AI score0.03924EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder