Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.46 views

Amazon Linux 2 : thunderbird (ALAS-2019-1267)

When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did...

9.8CVSS7.8AI score0.20271EPSS
Exploits2References8
NVD
NVD
added 2019/07/23 2:15 p.m.22 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS6.8AI score0.20271EPSS
Exploits0References13
Prion
Prion
added 2019/07/23 2:15 p.m.24 views

Design/Logic Flaw

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

4.3CVSS6.6AI score0.20271EPSS
Exploits0References13Affected Software5
Debian CVE
Debian CVE
added 2019/07/23 1:16 p.m.40 views

CVE-2019-11730

A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...

6.5CVSS7.8AI score0.20271EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/07/11 12:0 a.m.40 views

Mozilla Firefox ESR < 60.8

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-22 advisory. - A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in...

9.8CVSS7.9AI score0.20271EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2008/03/19 12:0 a.m.44 views

openSUSE 10 Security Update : epiphany (epiphany-5102)

The Mozilla XULRunner 1.8.1 engine was updated to security update version 1.8.1.12. This includes fixes for the following security issues : - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain text files - MFSA...

9.3CVSS8.5AI score0.08633EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2008/02/14 12:0 a.m.52 views

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5002)

This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of...

9.3CVSS8.6AI score0.08633EPSS
Exploits4References10
Mozilla
Mozilla
added 2008/02/07 12:0 a.m.53 views

Mishandling of locally-saved plain text files — Mozilla

Mozilla contributor oo.rio.oo demonstrated that once a file with Content-Disposition: attachment and improper Content-Type: plain/text is saved locally, the browser would no longer open local files with .txt extensions for viewing, but would rather prompt the user to save the file...

4.3CVSS2.6AI score0.01785EPSS
Exploits2References2Affected Software2
Rows per page
Query Builder