CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-0812

Malware in sbrugna...

4.3CVSS9.2AI score0.00124EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-3398

Malware in sbrugna...

4.7CVSS7.3AI score0.00626EPSS

Exploits2References12

OpenVAS•added 2021/11/11 12:0 a.m.•18 views

Mozilla Firefox Security Advisory (MFSA2015-44) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

4.3CVSS9.5AI score0.00124EPSS

Exploits0References3

NVD•added 2019/07/23 2:15 p.m.•19 views

CVE-2019-11728

The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox 68...

4.7CVSS6AI score0.00626EPSS

Exploits2References7

Prion•added 2019/07/23 2:15 p.m.•16 views

Design/Logic Flaw

4.3CVSS5.7AI score0.00626EPSS

Exploits2References7Affected Software2

RedhatCVE•added 2019/07/18 6:25 a.m.•26 views

CVE-2019-11728

4.7CVSS1AI score0.00626EPSS

Exploits2References4

UbuntuCve•added 2019/07/11 12:0 a.m.•33 views

CVE-2019-11728

4.7CVSS6.8AI score0.00626EPSS

Exploits2References3

Prion•added 2015/04/08 10:59 a.m.•13 views

Design/Logic Flaw

The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header...

4.3CVSS6.8AI score0.00124EPSS

Exploits0References7Affected Software3

CVE•added 2015/04/08 10:0 a.m.•128 views

CVE-2015-0799

Summary: Mozilla Firefox before 37.0.1 is affected by CVE-2015-0799 due to the HTTP Alt-Svc feature, which allows a man‑in‑the‑middle attacker to bypass X.509 certificate verification by directing the client to a chosen server via the uri-host in an Alt-Svc header. Impact: potential MITM disclosu...

4.3CVSS9.1AI score0.00124EPSS

Exploits0References7Affected Software1

ThreatPost•added 2015/04/07 10:27 a.m.•10 views

Vulnerability Forces Mozilla to Disable Opportunistic Encryption in Firefox

Less than a week after introducing the new opportunistic encryption feature in Firefox, Mozilla has had to disable it because of a security vulnerability in the browser’s implementation of the HTTP Alternative Services specification. The bug puts a kink in the new feature, which was designed to...

0.4AI score

Exploits0References3

Ubuntu•added 2015/04/07 10:3 a.m.•68 views

USN-2557-1: Firefox vulnerability

Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some circumstances. A remote attacker could potentially exploit this to conduct a machine-in-the-middle attack. CVE-2015-0799...

4.3CVSS8.4AI score0.00124EPSS

Exploits0

ArchLinux•added 2015/04/04 12:0 a.m.•37 views

firefox: certificate verification bypass

Security researcher Muneaki Nishimura discovered a flaw in the Mozilla's HTTP Alternative Services implementation. If an Alt-Svc header is specified in the HTTP/2 response, SSL certificate verification can be bypassed for the specified alternate server. As a result of this, warnings of invalid SS...

4.3CVSS1.4AI score0.00124EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by