
7 matches found

securityvulns
added 2012/02/03 12:0 a.m., 67 views

Mozilla Foundation Security Advisory 2012-02

Mozilla Foundation Security Advisory 2012-02. Title: Overly permissive IPv6 literal syntax. Impact: Low. Announced: January 31, 2012. Reporter: Gregory Fleischer. Products: Firefox, Thunderbird, SeaMonkey. Fixed in: Firefox 7.0, Firefox 3.6.26, Thunderbird 7.0, Thunderbird 3.1.18, SeaMonkey 2.4. Description...

CVSS: 5, AI score: 0.3, EPSS: 0.00725
Exploits: 0
Tenable Nessus
added 2012/02/03 12:0 a.m., 42 views

Debian DSA-2400-1 : iceweasel - several vulnerabilities

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.
- CVE-2011-3670 Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, resulting i...

CVSS: 10, AI score: 8.9, EPSS: 0.08973
Exploits: 2, References: 10
securityvulns
added 2010/12/10 12:0 a.m., 80 views

Mozilla Foundation Security Advisory 2010-79

Mozilla Foundation Security Advisory 2010-79. Title: Java security bypass from LiveConnect loaded via data: URL meta refresh. Impact: Critical. Announced: December 9, 2010. Reporter: Gregory Fleischer. Products: Firefox, SeaMonkey. Fixed in: Firefox 3.6.13, Firefox 3.5.16, SeaMonkey 2.0.11. Description...

CVSS: 9.3, AI score: 1.7, EPSS: 0.03473
Exploits: 1
Mozilla
added 2009/06/11 12:0 a.m., 36 views

Arbitrary domain cookie access by local file: resources — Mozilla

Security researcher Gregory Fleischer reported that local resources loaded via the file: protocol can access any domain's cookies which have been saved on a user's machine. Fleischer demonstrated that a local document's domain was being calculated incorrectly from its URL. If a victim could be...

CVSS: 4.3, AI score: 2.1, EPSS: 0.01548
Exploits: 1, References: 2, Affected Software: 2
Mozilla
added 2009/04/21 12:0 a.m., 42 views

Same-origin violations when Adobe Flash loaded via view-source: scheme — Mozilla

Security researcher Gregory Fleischer reported that when an Adobe Flash file is loaded via the view-source: scheme, the Flash plugin misinterprets the origin of the content as localhost, leading to two specific vulnerabilities:...

CVSS: 6.8, AI score: 2.4, EPSS: 0.01373
Exploits: 0, References: 2, Affected Software: 3
Mozilla
added 2008/03/25 12:0 a.m., 35 views

Java socket connection to any local port via LiveConnect — Mozilla

Security researcher Gregory Fleischer demonstrated that web content fetched via the jar: protocol can use Java via LiveConnect to open socket connections to arbitrary ports on the user's machine "localhost". The issue is caused by improper parsing of the content origin passed from the browser to...

CVSS: 9.3, AI score: 2.6, EPSS: 0.14426
Exploits: 1, References: 4, Affected Software: 2
Tenable Nessus
added 2008/01/10 12:0 a.m., 26 views

openSUSE 10 Security Update : epiphany (epiphany-4870)

This update brings the Mozilla XUL runner engine to security update version 1.8.1.10.
MFSA 2007-37 / CVE-2007-5947: The jar protocol handler in Mozilla Firefox retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inne...

CVSS: 9.3, AI score: 8.6, EPSS: 0.13311
Exploits: 1, References: 3