Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

286 matches found

UbuntuCve
UbuntuCveadded 2017/10/02 12:0 a.m.27 views

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS7.1AI score0.02442EPSS
Exploits0References4
OSV
OSVadded 2017/10/02 12:0 a.m.0 views

UBUNTU-CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS7.1AI score0.02442EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2017/09/28 6:49 p.m.27 views

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

9.8CVSS3AI score0.02442EPSS
Exploits0References2
Mozilla
Mozillaadded 2017/09/28 12:0 a.m.536 views

Security vulnerabilities fixed in Firefox 56 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake addre...

9.8CVSS10AI score0.12063EPSS
Exploits4References19Affected Software1
Mozilla
Mozillaadded 2017/09/28 12:0 a.m.529 views

Security vulnerabilities fixed in Firefox ESR 52.4 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications ARIA elements...

9.8CVSS0.2AI score0.12063EPSS
Exploits2References10Affected Software1
Microsoft CVE
Microsoft CVEadded 2017/06/13 7:0 a.m.32 views

Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Microsoft Edge Fetch API incorrectly handles a filtered response type. An attacker could use the vulnerability to read the URL of a cross-origin request. Websites that that do not securely populate the URL with confidential information could...

6.5CVSS0.7AI score0.25242EPSS
Exploits0
seebug.org
seebug.orgadded 2017/03/15 12:0 a.m.45 views

Microsoft Edge Fetch API allows setting of arbitrary request headers (CVE-2017-0140)

Introduction The Fetch API provides an interface for fetching resources including across the network. It will seem familiar to anyone who has used XMLHttpRequest, but the Fetch API provides a more powerful and flexible feature set. Starting in EdgeHTML 14, which ships with Windows 10 Anniversary...

4CVSS5.4AI score0.14929EPSS
Exploits3
0day.today
0day.todayadded 2017/03/15 12:0 a.m.41 views

Microsoft Edge Fetch API Arbitrary Header Setting Vulnerability

Exploit for windows platform in category remote exploits ------------------------------------------------------------------------ Microsoft Edge Fetch API allows setting of arbitrary request headers ------------------------------------------------------------------------ Yorick Koster, January 20...

4CVSS5.5AI score0.14929EPSS
Exploits3
Packet Storm
Packet Stormadded 2017/03/14 12:0 a.m.40 views

Microsoft Edge Fetch API Arbitrary Header Setting

------------------------------------------------------------------------ Microsoft Edge Fetch API allows setting of arbitrary request headers ------------------------------------------------------------------------ Yorick Koster, January 2017...

0.14929EPSS
Exploits3
Jake Archibald's Blog
Jake Archibald's Blogadded 2016/01/25 3:0 p.m.14 views

2016 - the year of web streams

Yeah, ok, it's a touch bold to talk about something being the thing of the year as early as January, but the potential of the web streams API has gotten me all excited. TL;DR: Streams can be used to do fun things like turn clouds to butts, transcode MPEG to GIF, but most importantly, they can be...

7.1AI score
Exploits0
Prion
Prionadded 2015/12/16 11:59 a.m.19 views

Information disclosure

The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure...

5CVSS6.7AI score0.00437EPSS
Exploits0References14Affected Software4
UbuntuCve
UbuntuCveadded 2015/12/15 12:0 a.m.24 views

CVE-2015-7215

The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an exception, leading to information disclosure...

5CVSS6.9AI score0.00437EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2015/10/19 12:0 a.m.23 views

Ubuntu 14.04 LTS : Firefox vulnerability (USN-2768-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2768-1 advisory. Abdulrahman Alqabandi and Ben Kelly discovered that the fetch API did not correctly implement the Cross Origin Resource Sharing CORS specification. If a user were...

6.8CVSS8.4AI score0.00243EPSS
Exploits0References2
NVD
NVDadded 2015/10/18 10:59 a.m.14 views

CVE-2015-7184

The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin...

6.8CVSS6.3AI score0.00243EPSS
Exploits0References8
UbuntuCve
UbuntuCveadded 2015/10/18 10:59 a.m.23 views

CVE-2015-7184

The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin...

6.8CVSS7.3AI score0.00243EPSS
Exploits0References3
OSV
OSVadded 2015/10/18 10:59 a.m.0 views

UBUNTU-CVE-2015-7184

The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin...

6.8CVSS7.3AI score0.00243EPSS
Exploits0References4
Prion
Prionadded 2015/10/18 10:59 a.m.21 views

Cross site scripting

The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin...

6.8CVSS6.9AI score0.00243EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2015/10/18 10:0 a.m.21 views

CVE-2015-7184

The fetch API implementation in Mozilla Firefox before 41.0.2 does not restrict access to the HTTP response body in certain situations where user credentials are supplied but the CORS cross-origin request algorithm is improperly followed, which allows remote attackers to bypass the Same Origin...

9AI score0.00243EPSS
Exploits0References8
OSV
OSVadded 2015/10/16 9:21 a.m.1 views

USN-2768-1 firefox vulnerability

Abdulrahman Alqabandi and Ben Kelly discovered that the fetch API did not correctly implement the Cross Origin Resource Sharing CORS specification. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from oth...

6.8CVSS7.3AI score0.00243EPSS
Exploits0References2
Ubuntu
Ubuntuadded 2015/10/16 9:21 a.m.52 views

USN-2768-1: Firefox vulnerability

Abdulrahman Alqabandi and Ben Kelly discovered that the fetch API did not correctly implement the Cross Origin Resource Sharing CORS specification. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from oth...

6.8CVSS8.4AI score0.00243EPSS
Exploits0
Rows per page
Query Builder