CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

DEBIAN-CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

Design/Logic Flaw

Under certain circumstances the "fetch" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessib...

Design/Logic Flaw

A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox 58...

Design/Logic Flaw

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

CVE-2017-7793

CVE-2017-7793 is a use-after-free in Thunderbird/Fetch API where the worker or window is freed while in use, leading to a potentially exploitable crash. Public details reference Thunderbird

CVE-2018-5131

CVE-2018-5131 affects Mozilla Firefox (ESR < 52.7 and Firefox

CVE-2017-7793

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...

CVE-2018-5092

A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox 58...

CVE-2018-5092

CVE-2018-5092 is a use-after-free in Firefox related to Web Workers. Affected product: Mozilla Firefox (pre-58 versions). Description: the Web Worker thread may be freed from memory prematurely during fetch cancellation, causing memory safety issues. Impact stated in sources is memory safety risk...

CVE-2018-4190

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote...

CVE-2017-16040

gfe-sass is a library for promises CommonJS/Promises/A,B,D gfe-sass downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the...

EulerOS 2.0 SP2 : firefox (EulerOS-SA-2018-1118)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the...

EulerOS 2.0 SP1 : firefox (EulerOS-SA-2018-1117)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the...

CVE-2016-9038

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a special...

CVE-2016-9038

CVE-2016-9038 : A double-fetch race condition exists in the Invincea-X (Dell Protected Workspace) SboxDrv.sys driver (version 6.1.3-24058). The vulnerability stems from reading a user-supplied pointer to a driver-version buffer twice: first via ProbeForWrite and then again during memcpy, using in...

CVE-2016-9038

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a special...

PT-2018-5057 · Invincea · Invincea-X

Name of the Vulnerable Software and Affected Versions: Invincea-X version 6.1.3-24058 Description: A double fetch vulnerability exists in the SboxDrv.sys driver functionality. This issue can be triggered by a specially crafted input buffer and a race condition, resulting in kernel memory...