Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 3:28 a.m.1 views

SUSE CVE-2022-22754

If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...

6.5CVSS8.6AI score0.00079EPSS
Exploits0References10
CVE
CVEadded 2022/12/22 12:0 a.m.525 views

CVE-2022-22754

CVE-2022-22754: Affects Firefox <97, Thunderbird <91.6, and Firefox ESR

6.5CVSS7AI score0.00079EPSS
Exploits0References4Affected Software3
Tenable Nessus
Tenable Nessusadded 2022/02/14 12:0 a.m.37 views

Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5284-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5284-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...

9.6CVSS8.1AI score0.00718EPSS
Exploits1References10
OSV
OSVadded 2022/02/12 5:31 p.m.37 views

MGASA-2022-0061 Updated thunderbird packages fix security vulnerabilities

If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions CVE-2022-22754. If a user was convinced to drag and drop an image to their desktop or other folder,...

9.6CVSS9.2AI score0.00533EPSS
Exploits1References4
OSV
OSVadded 2022/02/09 12:0 a.m.0 views

UBUNTU-CVE-2022-22754

If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...

6.5CVSS6.8AI score0.00079EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2022/02/09 12:0 a.m.38 views

CVE-2022-22754

If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...

6.5CVSS6.8AI score0.00079EPSS
Exploits0References5
Mozilla
Mozillaadded 2022/02/08 12:0 a.m.44 views

Security Vulnerabilities fixed in Firefox ESR 91.6 — Mozilla

A Time-of-Check Time-of-Use bug existed in the Maintenance Updater Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.This bug only affects Firefox on Windows. Other operating systems are unaffected. If a user...

9.6CVSS0.4AI score0.00493EPSS
Exploits2References9Affected Software1
Hacker One
Hacker Oneadded 2017/01/18 4:39 a.m.24 views

Brave Software: No user confirmation when an auto-updated extension gets more permissions

Summary: In Chrome, when extensions are auto-updated, if the permissions change, the extension is preventatively disabled and the user has to confirm they wish to re-enable it with the additional permissions. While it appears Brave has a functioning Extension auto-updater e.g. for the PDF...

6.8AI score
Exploits0
Rows per page
Query Builder