CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5124 matches found

Tenable Nessus•added 2022/04/12 12:0 a.m.•34 views

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (2022:1302)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:1302-1 advisory. - Mozilla: Use-after-free in NSSToken objects CVE-2022-1097 - Mozilla: Out of bounds write due to unexpected WebAuthN Extensions CVE-2022-28281 -...

8.8CVSS7.6AI score0.1446EPSS

Exploits7References10

Redos•added 2022/04/12 12:0 a.m.•57 views

ROS-20220412-02

Vulnerability in Mozilla Firefox browser, due to the fact that regex for Rust does not control properly internal resource consumption when parsing unreliable input data. Exploitation of the vulnerability could allow a remote attacker to pass specially crafted data to an application and perform a...

8.8CVSS8.3AI score0.1446EPSS

Exploits7

Redos•added 2022/04/12 12:0 a.m.•56 views

ROS-20220412-03

Vulnerability in Mozilla Thunderbird email client, related to a memory freeing error when processing HTML content after the VR process is destroyed. Exploitation of the vulnerability could allow an attacker, acting remotely, create a specially crafted web page, trick the victim into opening it,...

8.8CVSS8.3AI score0.1446EPSS

Exploits7

RedHat Linux•added 2022/04/11 2:38 p.m.•1 views

Mozilla: iframe contents could be rendered outside the border

The Mozilla Foundation Security Advisory describes this flaw as: Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks...

5.4CVSS7.3AI score0.00557EPSS

Exploits1References6

RedHat Linux•added 2022/04/11 1:52 p.m.•3 views

Mozilla: iframe contents could be rendered outside the border

5.4CVSS7.3AI score0.00557EPSS

Exploits1References6

Veracode•added 2022/04/09 10:44 p.m.•24 views

Spoofing Attacks

firefox is vulnerable to spoofing attacks. A remote attacker is able to render Iframe contents outside of its border, leading to possible user confusion and spoofing attacks...

5.4CVSS3.3AI score0.00557EPSS

Exploits1References5Affected Software6

RedHat Linux•added 2022/04/08 3:21 p.m.•2 views

Mozilla: iframe contents could be rendered outside the border

5.4CVSS7.3AI score0.00557EPSS

Exploits1References6

RedHat Linux•added 2022/04/08 2:48 p.m.•1 views

Mozilla: iframe contents could be rendered outside the border

5.4CVSS7.3AI score0.00557EPSS

Exploits1References6

RedHat Linux•added 2022/04/08 2:40 p.m.•2 views

Mozilla: iframe contents could be rendered outside the border

5.4CVSS7.3AI score0.00557EPSS

Exploits1References6

RedHat Linux•added 2022/04/08 2:2 p.m.•2 views

Mozilla: iframe contents could be rendered outside the border

5.4CVSS7.3AI score0.00557EPSS

Exploits1References6

RedhatCVE•added 2022/04/06 2:50 p.m.•51 views

CVE-2022-28286

5.4CVSS1.7AI score0.00557EPSS

Exploits1References5

UbuntuCve•added 2022/04/06 12:0 a.m.•40 views

CVE-2022-28286

Due to a layout change, iframe contents could have been rendered outside of its border. This could have led to user confusion or spoofing attacks. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...

5.4CVSS6.8AI score0.00557EPSS

Exploits1References6

OSV•added 2022/04/06 12:0 a.m.•0 views

UBUNTU-CVE-2022-28286

5.4CVSS6.7AI score0.00557EPSS

Exploits1References7

OSV•added 2022/04/05 6:30 p.m.•25 views

GHSA-XMJJ-3C76-5W84 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in directus

Impact Unauthorized JavaScript can be executed by inserting an iframe into the rich text html interface that links to a file uploaded HTML file that loads another uploaded JS file in its script tag. This satisfies the regular content security policy header, which in turn allows the file to run an...

8.8CVSS7.2AI score0.01018EPSS

Exploits0References5