CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2020/12/17 12:0 a.m.•152 views

Oracle Linux 7 : ELSA-2020-5561-1: / firefox (ELSA-2020-55611)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-55611 advisory. 78.6.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

8.8CVSS7.8AI score0.00874EPSS

Exploits0References8

RedHat Linux•added 2020/12/16 9:47 a.m.•1 views

Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developer reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

8.8CVSS7.5AI score0.00532EPSS

RedHat Linux•added 2020/12/16 8:16 a.m.•1 views

Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6

8.8CVSS7.5AI score0.00532EPSS

UbuntuCve•added 2020/12/15 12:0 a.m.•22 views

CVE-2020-35114

Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 84...

8.8CVSS7.2AI score0.00377EPSS

Exploits1References3

OSV•added 2020/12/15 12:0 a.m.•0 views

UBUNTU-CVE-2020-35114

8.8CVSS7.4AI score0.00377EPSS

Exploits1References4

NVD•added 2020/12/09 1:15 a.m.•17 views

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

6.8CVSS6AI score0.00241EPSS

Prion•added 2020/12/09 1:15 a.m.•23 views

Design/Logic Flaw

If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

9.3CVSS8.1AI score0.00665EPSS

Exploits0References4Affected Software3

UbuntuCve•added 2020/12/09 1:15 a.m.•18 views

CVE-2020-26964

6.8CVSS6.9AI score0.00241EPSS

Prion•added 2020/12/09 1:15 a.m.•22 views

Memory corruption

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

9.3CVSS8.4AI score0.00423EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/12/09 12:26 a.m.•15 views

CVE-2020-26969

Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 83...

9.1AI score0.00698EPSS

AlpineLinux•added 2020/12/09 12:26 a.m.•46 views

CVE-2020-26969

9.3CVSS9.2AI score0.00698EPSS

Debian CVE•added 2020/12/09 12:25 a.m.•26 views

CVE-2020-26967

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page. This would lead to internal errors and unexpected behavior in the Screenshots code. This vulnerability...

6.5CVSS8.1AI score0.00186EPSS

AlpineLinux•added 2020/12/09 12:25 a.m.•38 views

CVE-2020-26967

6.5CVSS6.8AI score0.00186EPSS

Cvelist•added 2020/12/09 12:24 a.m.•17 views

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

6.6AI score0.00143EPSS

Cvelist•added 2020/12/09 12:21 a.m.•15 views

CVE-2020-26957

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox...

6.6AI score0.00116EPSS

RedHat Linux•added 2020/12/01 3:26 p.m.•1 views

Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5

Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 83, Firefox E...

9.3CVSS7.5AI score0.00557EPSS

RedHat Linux•added 2020/11/30 8:27 p.m.•0 views

Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5

9.3CVSS7.5AI score0.00557EPSS

RedHat Linux•added 2020/11/30 7:50 p.m.•0 views

Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5

9.3CVSS7.5AI score0.00557EPSS