Astra Linux - уязвимость в thunderbird

When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the insecure framing. This vulnerability affects Firefox 84...

Astra Linux - уязвимость в firefox

If an attacker needed a user to load an insecure http: page and knew that the user had enabled HTTPS-only mode, the attacker could trick the user into clicking to grant an HTTPS-only exception, provided they could get the user to participate in a clicking game. This vulnerability affects Firefox...

EUVD-2020-19500

Malware in sbrugna...

EUVD-2021-10918

Malware in sbrugna...

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0131)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as...

CVE-2021-23998

Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Mail.ru: Stored XSS on top.mail.ru

Stored XSS via incorrect handling of http page headers on top.mail.ru at created counters...

Mozilla: Secure Lock icon could have been spoofed

Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Mozilla: Secure Lock icon could have been spoofed

Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...

Spoofable Secure Lock Icon

firefox:sid is using spoofable Secure Lock icon. Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page...

Security Vulnerabilities fixed in Firefox ESR 78.10 — Mozilla

A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary cod...

Mozilla Firefox < 88.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 88.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-16 advisory. - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian...

CVE-2020-26976

The Mozilla Foundation Security Advisory describes this flaw as: When a HTTPS page was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to...

Design/Logic Flaw

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

CVE-2019-12698 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability

A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load f...

CVE-2018-12448

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

Kirby CMS 2.5.12 - Cross-Site Request Forgery (Delete Page)

Exploit Title:​​ Kirby CMS 2.5.12 - Cross-Site Request Forgery Delete Page Date: 2018-07-22 Exploit Author: Zaran Shaikh Version: 2.5.12 CVE: NA Category: Web Application 1. Description The application allows malicious HTTP requests to be sent in order to trick a user into adding/ deleting web...

Siemens LOGO! HTTP Page Detection

Binary data 700227.prm...

CentOS Update for firefox CESA-2009:0256 centos4 i386

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2009:0256 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

RedHat Security Advisory RHSA-2009:0256

The remote host is missing updates announced in advisory RHSA-2009:0256. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code...