Lucene search
K

5125 matches found

RedHat Linux
RedHat Linux
added 2023/03/22 10:20 a.m.3 views

Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS7.3AI score0.00347EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/22 12:0 a.m.4 views

PT-2023-4804 · Ckeditor4 +3 · Ckeditor4 +3

Name of the Vulnerable Software and Affected Versions: CKEditor4 versions prior to 4.21.0 Description: A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages in CKEditor4. The vulnerability may trigger a JavaScript code after fulfilling special...

6.4CVSS7.5AI score0.01652EPSS
Exploits0References32
OSV
OSV
added 2023/03/22 12:0 a.m.27 views

ALSA-2023:1407 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.9.0. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 CVE-2023-28176 Mozill...

8.8CVSS8.8AI score0.00713EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.20 views

Oracle Linux 7 : thunderbird (ELSA-2023-1401)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1401 advisory. 102.9.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.9.0-1 - Update to...

8.8CVSS7.8AI score0.00713EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/21 9:48 a.m.3 views

Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS7.3AI score0.00347EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/21 8:20 a.m.2 views

Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS7.3AI score0.00347EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.21 views

Debian dla-3365 : thunderbird - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3365 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3365-1 [email protected]...

8.8CVSS8.3AI score0.00713EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.29 views

Oracle Linux 9 : firefox (ELSA-2023-1337)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-1337 advisory. 102.9.0-3.0.1 - Updated homepages to use https Orabug: 34648274 102.9.0-3 - Update to 102.9.0 build2 102.9.0-2 - removed disable-openh264-download...

8.8CVSS7.8AI score0.00713EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.25 views

Oracle Linux 7 : firefox (ELSA-2023-1333)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-1333 advisory. 102.9.0-3.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

8.8CVSS7.8AI score0.00713EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/20 9:39 a.m.3 views

Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS7.3AI score0.00347EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/20 9:38 a.m.4 views

Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS7.3AI score0.00347EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/03/20 9:38 a.m.3 views

Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS7.3AI score0.00347EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/03/20 12:0 a.m.26 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.9.0 ESR. Security Fixes: Mozilla: Incorrect code generation during JIT compilation CVE-2023-25751 Mozilla: Memory safety bugs fixed in Firefo...

8.8CVSS9.2AI score0.00713EPSS
Exploits0References12
Veracode
Veracode
added 2023/03/18 5:52 a.m.20 views

Information Disclosure

firefox-esr is vulnerable to Information Disclosure. The vulnerability that exists when dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks...

6.5CVSS8AI score0.00347EPSS
Exploits0References5Affected Software5
Tenable Nessus
Tenable Nessus
added 2023/03/17 12:0 a.m.22 views

SUSE SLES12: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2023:0763-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0763-1 advisory. Update to version 102.9.0 ESR bsc1209173: - CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on...

8.8CVSS6.7AI score0.00798EPSS
Exploits0References28
SUSE CVE
SUSE CVE
added 2023/03/15 3:33 a.m.3 views

SUSE CVE-2023-28164

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...

6.5CVSS6.3AI score0.00347EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2023/03/15 12:0 a.m.25 views

CVE-2023-28164

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...

6.5CVSS6.8AI score0.00347EPSS
Exploits0References5
OSV
OSV
added 2023/03/15 12:0 a.m.1 views

UBUNTU-CVE-2023-28164

Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox 111, Firefox ESR 102.9, and Thunderbird 102.9...

6.5CVSS7.2AI score0.00347EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/03/15 12:0 a.m.33 views

Mozilla Thunderbird < 102.9

The version of Thunderbird installed on the remote Windows host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs...

8.8CVSS8.2AI score0.00798EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/03/15 12:0 a.m.37 views

Mozilla Thunderbird < 102.9

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-11 advisory. - Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety...

8.8CVSS8.2AI score0.00798EPSS
Exploits0References7
Rows per page
Query Builder