Lucene search
K

6 matches found

ArchLinux
ArchLinux
added 2016/03/09 12:0 a.m.54 views

firefox: multiple issues

CVE-2016-1952 CVE-2016-1953 arbitrary code execution Mozilla developers fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough...

10CVSS9.8AI score0.30946EPSS
Exploits9References39
Mozilla
Mozilla
added 2015/12/30 12:0 a.m.37 views

HTML injection in homescreen app bypassing DOM sanitizer — Mozilla

Mozilla fixed a bug in the l10n localization of the default homescreen app of Firefox OS reported by security researcher Muneaki Nishimura. Exploiting this issue requires tricking the user into bookmarking a specially crafted web page via the 'Add to home screen' functionality. As a result, an...

6.1CVSS6.2AI score0.00663EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.33 views

XSS attack through intents on Firefox for Android — Mozilla

Security researcher Muneaki Nishimura reported that on Firefox for Android that it is possible to create a cross-site script XSS attack through the use of Android intents and fallback navigation. This issue is caused by improper sterilization of opened addresses sent to Firefox through intents...

4.3CVSS8.4AI score0.01467EPSS
Exploits0References3Affected Software1
Mozilla
Mozilla
added 2015/11/03 12:0 a.m.31 views

Android intents can be used on Firefox for Android to open privileged files — Mozilla

Security researcher Muneaki Nishimura reported that on Firefox for Android, a search engine can be registered and used to launch Firefox through an Android intent. When Firefox for Android is launched, the URL can executed with Firefox's system privileges if the crash reporter is used. This allow...

5CVSS8.7AI score0.01274EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2015/10/25 12:0 a.m.93 views

Re: CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android

CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android Severity: Medium Vendor: The Apache Software Foundation Versions Affected: Cordova Android File Transfer Plugin 1.2.1 and below Description: Android applications built with the Cordova framework...

4.3CVSS0.8AI score0.0343EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/04/01 1:17 p.m.59 views

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

7.5CVSS7.7AI score0.67135EPSS
Exploits3References7
Rows per page
Query Builder