Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2022/08/16 12:0 a.m.41 views

GLSA-202208-08 : Mozilla Firefox: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-08 Mozilla Firefox: Multiple Vulnerabilities - Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2022-1919 - regex...

9.8CVSS8.3AI score0.26709EPSS
Exploits23References78
OSV
OSV
added 2022/01/20 9:6 a.m.6 views

OPENSUSE-SU-2022:0136-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT bsc1194547. - CVE-2022-22737: Fixed race condition when playing audio files bsc1194547. - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur bsc1194547. - CVE-2022-22739:...

10CVSS8.4AI score0.01344EPSS
Exploits6References16
OSV
OSV
added 2021/11/10 10:53 p.m.19 views

MGASA-2021-0506 Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame CVE-2021-38503. When interacting with an HTML input element's...

10CVSS8.5AI score0.0383EPSS
Exploits0References4
Mozilla
Mozilla
added 2021/11/02 12:0 a.m.361 views

Security Vulnerabilities fixed in Firefox 94 — Mozilla

The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame. When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have...

10CVSS9.3AI score0.0383EPSS
Exploits1References13Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/11/02 12:0 a.m.29 views

Mozilla Firefox < 94.0

The version of Firefox installed on the remote Windows host is prior to 94.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-48 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such...

10CVSS7.4AI score0.0383EPSS
Exploits1References14
Rows per page
Query Builder