CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

SUSE CVE•added 2023/02/15 6:11 a.m.•1 views

SUSE CVE-2007-2869

The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service persistent temporary CPU consumption via a large number of characters in a submitted form...

4.3CVSS8.4AI score0.16441EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 5:55 a.m.•1 views

SUSE CVE-2011-0067

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls...

5CVSS6.7AI score0.0052EPSS

Exploits1References4

OPENSUSE Linux•added 2015/03/07 11:4 a.m.•41 views

Security update for MozillaThunderbird (important)

MozillaThunderbird was updated to version 31.5.0 to fix four security issues. These security issues were fixed: - CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0831: Use-after-free in IndexedDB - CVE-2015-0827: Out-of-bounds read and write while rendering SVG content -...

7.5CVSS2.5AI score0.03173EPSS

Exploits0References1

OpenVAS•added 2015/03/04 12:0 a.m.•27 views

Ubuntu: Security Advisory (USN-2506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.7AI score0.03173EPSS

Exploits0References2

Tenable Nessus•added 2015/03/02 12:0 a.m.•30 views

FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)

The Mozilla Project reports : MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...

7.5CVSS7.2AI score0.03173EPSS

Exploits0References37

RedHat Linux•added 2015/02/25 12:38 p.m.•3 views

Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)

An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file...

4.3CVSS6.8AI score0.00628EPSS

Exploits0References5

Mozilla•added 2015/02/24 12:0 a.m.•46 views

Reading of local files through manipulation of form autocomplete — Mozilla

Security researcher Armin Ebert reported that a user readable file in a known local path could be uploaded to a malicious site. This was done by manipulating the autocomplete feature in a form and user interaction with it. While the local file is not visibly uploaded through the form, its content...

4.3CVSS8.4AI score0.00628EPSS

Exploits0References2Affected Software5

Tenable Nessus•added 2011/12/13 12:0 a.m.•40 views

SuSE 10 Security Update : Mozilla XULrunner (ZYPP Patch Number 7492)

Mozilla XULRunner 1.9.1 was updated to the 1.9.1.19 security release. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, a...

10CVSS8.4AI score0.83259EPSS

Exploits19References32

Tenable Nessus•added 2011/05/02 12:0 a.m.•37 views

Mandriva Linux Security Advisory : firefox (MDVSA-2011:079)

Chris Evans of the Chrome Security Team reported that the XSLT generate-id function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while...

10CVSS8.7AI score0.83259EPSS

Exploits20References17

Tenable Nessus•added 2011/04/29 12:0 a.m.•209 views

Mozilla Firefox < 3.5.19 Multiple Vulnerabilities

Binary data 5900.prm...

10CVSS7.3AI score0.83259EPSS

Exploits20References21

Tenable Nessus•added 2011/04/29 12:0 a.m.•24 views

Mozilla Firefox 3.6.x < 3.6.17 Multiple Vulnerabilities

Binary data 801238.prm...

10CVSS7.3AI score0.83259EPSS

Exploits20References23

OpenVAS•added 2009/03/23 12:0 a.m.•30 views

Ubuntu Update for firefox vulnerabilities USN-468-1

Ubuntu Update for Linux kernel vulnerabilities USN-468-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4681.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-468-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

9.3CVSS0.7AI score0.46498EPSS

Exploits0References2

Tenable Nessus•added 2007/11/10 12:0 a.m.•35 views

Ubuntu 6.06 LTS / 6.10 / 7.04 : firefox vulnerabilities (USN-468-1)

Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. CVE-2007-2867, CVE-2007-2868 A flaw was discovered in the form autocomplete feature. By tricking a user in...

9.3CVSS8.4AI score0.46498EPSS

Exploits0References7

Tenable Nessus•added 2007/10/17 12:0 a.m.•30 views

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-3545)

This update brings Mozilla Thunderbird to security update version 1.5.0.12. - MFSA 2007-17 / CVE-2007-2871 : Chris Thomas demonstrated that XUL popups opened by web content could be placed outside the boundaries of the content area. This could be used to spoof or hide parts of the browser chrome...

9.3CVSS7.3AI score0.46498EPSS

Exploits1References8