Lucene search
K

18 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

An attacker who could have convinced a user to drag and drop an image into a file system could have manipulated the resulting filename to include an executable extension. By doing so, the attacker could potentially trick the user into executing malicious code. Although very similar, this is a...

8.8CVSS8AI score0.00721EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If a user were convinced to drag and drop an image onto their desktop or another folder, the resulting object could be transformed into an executable script that would execute arbitrary code upon the user clicking on it. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91....

8.8CVSS7.1AI score0.00926EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7488

Malware in sbrugna...

7.4CVSS8.3AI score0.01096EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-27899

Malicious code in bioql PyPI...

8.8CVSS7.6AI score0.00926EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 11:0 p.m.8 views

CVE-2022-34483

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

8.8CVSS5.8AI score0.00721EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2023/06/02 12:0 a.m.40 views

CVE-2023-25741

When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...

6.5CVSS8.3AI score0.00767EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.3 views

SUSE CVE-2022-22756

If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91....

8.8CVSS8.7AI score0.00926EPSS
Exploits1References10
Kaspersky
Kaspersky
added 2023/02/14 12:0 a.m.47 views

KLA20237 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security...

9.8CVSS10AI score0.00817EPSS
Exploits2References3
OSV
OSV
added 2022/12/22 8:15 p.m.2 views

CVE-2022-34482

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

8.8CVSS7.4AI score0.00715EPSS
Exploits0References2
OSV
OSV
added 2022/12/22 8:15 p.m.1 views

DEBIAN-CVE-2022-22756

If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script which would have run arbitrary code after the user clicked on it. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91....

8.8CVSS7.2AI score0.00926EPSS
Exploits1References1
Prion
Prion
added 2022/12/22 8:15 p.m.18 views

Code injection

An attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contain an executable extension, and by extension potentially tricked the user into executing malicious code. While very similar, this is a separate issue from...

6.8CVSS8AI score0.00721EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/07/05 5:3 p.m.4 views

USN-5504-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass CSP restrictions, bypass sandboxed iframe restrictions, obtain sensitive...

9.8CVSS6.9AI score0.23941EPSS
Exploits1References18
RedHat Linux
RedHat Linux
added 2022/02/15 10:41 a.m.2 views

Mozilla: Drag and dropping an image could have resulted in the dropped object being an executable

The Mozilla Foundation Security Advisory describes this flaw as: If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script, which would have run arbitrary code after the user clicked it...

8.8CVSS7.5AI score0.00926EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/02/14 8:50 a.m.2 views

Mozilla: Drag and dropping an image could have resulted in the dropped object being an executable

The Mozilla Foundation Security Advisory describes this flaw as: If a user was convinced to drag and drop an image to their desktop or other folder, the resulting object could have been changed into an executable script, which would have run arbitrary code after the user clicked it...

8.8CVSS7.5AI score0.00926EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2022/02/14 12:0 a.m.39 views

Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-5284-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5284-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could...

9.6CVSS8.1AI score0.00926EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2022/02/14 12:0 a.m.37 views

Debian DSA-5074-1 : thunderbird - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5074 advisory. - Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs show...

9.6CVSS8.1AI score0.00926EPSS
Exploits1References18
Tenable Nessus
Tenable Nessus
added 2022/02/08 12:0 a.m.34 views

Mozilla Firefox ESR < 91.6

The version of Firefox ESR installed on the remote Windows host is prior to 91.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-05 advisory. - Mozilla developers and community members Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs prese...

9.6CVSS8AI score0.00926EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2015/10/01 1:25 p.m.5 views

Mozilla: Dragging and dropping images exposes final URL after redirects (MFSA 2015-110)

Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an image into a TEXTBOX element...

4.3CVSS7.5AI score0.02732EPSS
Exploits0References5
Rows per page
Query Builder