Lucene search
K

256 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.43 views

Rocky Linux 8 : thunderbird (RLSA-2022:0129)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0129 advisory. - It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox. This vulnerability affects Firefox ESR 91.5, Firefox...

10CVSS7.8AI score0.0134EPSS
Exploits6References25
CNNVD
CNNVD
added 2023/10/04 12:0 a.m.8 views

Altair Input Validation Error Vulnerability

Altair is a beautiful and feature-rich GraphQL client IDE for Altair GraphQL open source. An input validation error vulnerability exists in versions prior to Altair 5.2.5, which stems from an application that does not clean up an external URL before passing it to the underlying system...

7.8CVSS6.7AI score0.002EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/08 12:0 a.m.5 views

PT-2023-30598 · Qualys · Qualys Container Scanning Connector Plugin

Name of the Vulnerable Software and Affected Versions: Qualys Container Scanning Connector Plugin versions 1.6.2.6 and earlier Description: An incorrect permission check in the Qualys Container Scanning Connector Plugin allows attackers with global Item/Configure permission, but lacking...

4.3CVSS4.5AI score0.00317EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/09/04 3:52 p.m.6 views

Mozilla: Full screen notification obscured by external program

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

6.5CVSS7.3AI score0.00657EPSS
Exploits0References5
OSV
OSV
added 2023/08/01 3:15 p.m.1 views

DEBIAN-CVE-2023-4053

A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbird 115.2...

6.5CVSS6.8AI score0.00657EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/07/13 8:50 a.m.5 views

Mozilla: Fullscreen notification obscured

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

6.5CVSS7.2AI score0.00739EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/07/13 8:44 a.m.5 views

Mozilla: Fullscreen notification obscured

The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks...

6.5CVSS7.2AI score0.00739EPSS
Exploits0References5
wpexploit
wpexploit
added 2023/07/10 12:0 a.m.155 views

Short URL < 1.6.5 - Admin+ Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. In the plugin settings, add the POC alert1 to the...

6.1AI score0.00497EPSS
Exploits2
SUSE CVE
SUSE CVE
added 2023/07/07 2:18 a.m.2 views

SUSE CVE-2023-37207

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...

6.5CVSS6.2AI score0.00739EPSS
Exploits0References7
OSV
OSV
added 2023/07/05 9:15 a.m.2 views

DEBIAN-CVE-2023-37207

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...

6.5CVSS6.8AI score0.00739EPSS
Exploits0References1
OSV
OSV
added 2023/07/05 9:15 a.m.3 views

UBUNTU-CVE-2023-37207

A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...

6.5CVSS6.8AI score0.00739EPSS
Exploits0References11
CNNVD
CNNVD
added 2023/07/04 12:0 a.m.2 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox that originates from a website that may obscure full-screen notifications by using URLs that have a scheme handled by an external program, such as a mailto URL. This could...

6.5CVSS7.8AI score0.00739EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.5 views

SUSE CVE-2019-7616

Kibana versions before 6.8.2 and 7.2.1 contain a server side request forgery SSRF flaw in the graphite integration for Timelion visualizer. An attacker with administrative Kibana access could set the timelion:graphite.url configuration option to an arbitrary URL. This could possibly lead to an...

4.9CVSS8.1AI score0.02138EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-22739

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

6.5CVSS8.5AI score0.00679EPSS
Exploits1References11
OSV
OSV
added 2022/12/22 8:15 p.m.5 views

CVE-2022-22748

Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

6.5CVSS8.7AI score
Exploits0References4
OSV
OSV
added 2022/12/22 8:15 p.m.0 views

DEBIAN-CVE-2022-22739

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

6.5CVSS6.8AI score0.00679EPSS
Exploits1References1
OSV
OSV
added 2022/12/22 8:15 p.m.6 views

CVE-2022-22739

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

6.5CVSS8.7AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.7 views

CVE-2022-22748

Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

5.8AI score0.00737EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/12/22 12:0 a.m.22 views

CVE-2022-22748

Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

7.3AI score0.00737EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/12/22 12:0 a.m.6 views

CVE-2022-22739

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

5.9AI score0.00679EPSS
Exploits1References4
Rows per page
Query Builder