Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/09 12:0 a.m.7 views

AlmaLinux 10 : firefox (ALSA-2025:14417)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:14417 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due...

9.8CVSS7.8AI score0.0053EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/09/08 12:0 a.m.6 views

RHEL 8 : firefox (RHSA-2025:15419)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:15419 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS7.8AI score0.0053EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.50 views

NewStart CGSL MAIN 4.05 : firefox Multiple Vulnerabilities (NS-SA-2019-0103)

The remote NewStart CGSL host, running version MAIN 4.05, has firefox packages installed that are affected by multiple vulnerabilities: - A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR...

9.8CVSS8.1AI score0.18756EPSS
Exploits34References46
Prion
Prion
added 2018/06/11 9:29 p.m.20 views

Design/Logic Flaw

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...

7.5CVSS8.6AI score0.02067EPSS
Exploits0References9Affected Software9
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.20 views

CVE-2017-5448

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...

8.3AI score0.02067EPSS
Exploits0References9
CVE
CVE
added 2018/06/11 9:0 p.m.166 views

CVE-2017-5448

CVE-2017-5448 is an out-of-bounds write in ClearKeyDecryptor (Gecko Media Plugin sandbox). The issue allows writing arbitrary memory data, potentially causing a crash or remote code execution. Affected products include Firefox/Firefox ESR prior to patched versions; upstream advisories show fixes ...

8.6CVSS8.2AI score0.02067EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2017/04/21 12:49 a.m.6 views

Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12)

An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content. The "ClearKeyDecryptor" code runs within the Gecko Media Plugin GMP sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data with...

8.6CVSS7.5AI score0.02067EPSS
Exploits0References5
Mozilla
Mozilla
added 2017/04/19 12:0 a.m.528 views

Security vulnerabilities fixed in Firefox ESR 45.9 — Mozilla

A use-after-free vulnerability in SMIL animation functions occurs when pointers to animation elements in an array are dropped from the animation controller while still in use. This results in a potentially exploitable crash. A use-after-free vulnerability occurs during transaction processing in t...

9.8CVSS1.6AI score0.08767EPSS
Exploits4References28Affected Software1
Debian CVE
Debian CVE
added 2016/08/05 1:0 a.m.27 views

CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

6.8CVSS9.5AI score0.04577EPSS
Exploits0
OSV
OSV
added 2016/08/03 12:0 a.m.5 views

UBUNTU-CVE-2016-2837

Heap-based buffer overflow in the ClearKey Content Decryption Module CDM in the Encrypted Media Extensions EME API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media...

6.3CVSS7.6AI score0.04577EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2016/08/02 12:0 a.m.53 views

KLA10852 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code, spoof user interface, bypass security restrictions, conduct cross-site scripting or read local...

9.8CVSS10AI score0.04577EPSS
Exploits3References4
Mozilla
Mozilla
added 2016/08/02 12:0 a.m.52 views

Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback — Mozilla

An anonymous security researcher working with Trend Micro's Zero Day Initiative reported a buffer overflow in the ClearKey Content Decryption Module CDM used by the Encrypted Media Extensions EME API. This vulnerability can be triggered using a malformed video file due to incorrect error handling...

6.8CVSS2.4AI score0.04577EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2015/01/13 12:0 a.m.38 views

Gecko Media Plugin sandbox escape — Mozilla

Security researcher Nils discovered a mechanism to break out of the Gecko Media Plugin GMP sandbox on Windows systems. The GMP sandbox is currently only used to host h.264 video playback using the OpenH264 plugin but is being developed to host other other media plugins. This bug would allow an...

7.1CVSS6.2AI score0.01542EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder