21 matches found
CVE-2026-46147
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64 architectures. During the vCPU initialization process, a pin leak can occur, leading to a permanent loss of references to host vCPU and SVE state pages. Additionally, a concurrent process might observe a partially...
CVE-2026-30807 Cross-Site Request Forgery on Extension Pages
Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30807 Cross-Site Request Forgery on Extension Pages
Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30807
CVE-2026-30807 is a Cross-Site Request Forgery in Pandora FMS extension/pages for versions 777–800. The flaw allows an attacker to cause unauthorized actions through a crafted page without user interaction beyond visiting the page; CVSSv4 vector indicates NETWORK attack vector, LOW access complex...
DEBIAN-CVE-2022-22761
Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...
CVE-2022-22761
CVE-2022-22761 fixes a vulnerability where the frame-ancestors CSP directive was not enforced for moz-extension:// pages, affecting Firefox < 97, Thunderbird < 91.6, and Firefox ESR
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages
The Mozilla Foundation Security Advisory describes this flaw as: Web-accessible extension pages pages with a moz-extension:// scheme were not correctly enforcing the frame-ancestors directive when it was used in the Web Extension's Content Security Policy...
Mozilla Firefox 安全特征问题漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security signature issue vulnerability exists in Mozilla Firefox, which arises from a product framework root content security policy directive that does not restrict framework extension pages. A remote attacker could use...
CVE-2017-15391
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page...
CVE-2017-15391
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page...
CVE-2017-15391
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page...