Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:51 p.m.10 views

CVE-2020-15174

In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the will-navigate event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites. The issue is patched in...

7.5CVSS6.7AI score0.01351EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/04/10 12:0 a.m.6 views

Vulnerability of Firefox web browsers, Firefox ESR, and Thunderbird email client, related to a navigation event error that does not comply with W3C specifications, allowing attackers to access confidential data

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird is related to a navigation event error that does not comply with W3C specifications. Exploiting this vulnerability can allow an attacker to gain access to confidential data remotely...

4.3CVSS6.7AI score0.01798EPSS
Exploits1References13Affected Software7
OpenVAS
OpenVAS
added 2019/09/05 12:0 a.m.35 views

Mozilla Firefox Security Advisories (MFSA2019-25, MFSA2019-27) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

9.8CVSS7.3AI score0.0216EPSS
Exploits2References1
CVE
CVE
added 2014/03/03 2:0 a.m.52 views

CVE-2014-1884

CVE-2014-1884 affects Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7/8. The root cause is improper restriction of navigation events, which lets remote attackers bypass device-resource restrictions when content is accessed (1) inside an iframe or (2) via t...

7.5CVSS6.8AI score0.08196EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2012/08/29 12:0 a.m.33 views

CVE-2012-3976

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows remote attackers to spoof the X.509 certificate information in the address bar via a crafted web page...

4.3CVSS7.3AI score0.01779EPSS
Exploits0References2
Rows per page
Query Builder