Lucene search
K

46 matches found

RedHat Linux
RedHat Linux
added 2020/05/11 9:54 a.m.5 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/11 9:40 a.m.6 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/11 9:28 a.m.4 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/11 9:7 a.m.5 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
Mageia
Mageia
added 2020/05/08 10:57 a.m.54 views

Updated thunderbird packages fix security vulnerabilities

Updated thunderbird packages fix security vulnerabilities: A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash CVE-2020-6831. A race condition when running shutdown code for Web Worker led to...

10CVSS0.1AI score0.05803EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2020/05/06 10:53 a.m.3 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/06 10:49 a.m.2 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/06 8:47 a.m.2 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/06 8:28 a.m.4 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/05/06 8:12 a.m.2 views

Mozilla: Arbitrary local file access with 'Copy as cURL'

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

5.5CVSS7.4AI score0.00347EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/05/06 12:0 a.m.31 views

CVE-2020-12392

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This...

5.5CVSS6.9AI score0.00347EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2020/05/05 4:41 p.m.30 views

CVE-2020-12392

The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...

2.1CVSS7.5AI score0.00347EPSS
Exploits0References4
Mozilla
Mozilla
added 2020/05/05 12:0 a.m.73 views

Security Vulnerabilities fixed in Thunderbird 68.8.0 — Mozilla

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. A...

10CVSS0.2AI score0.05803EPSS
Exploits0References6Affected Software1
Citrix
Citrix
added 2020/03/30 12:0 a.m.13 views

Director Does not Show NetScaler MAS Data, Network Tab Shows "Page Not Fonud"

NetScaler MAS data cannot be showed in director network tab --page was not found...

7.1AI score
Exploits0
OSV
OSV
added 2020/03/25 10:15 p.m.6 views

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

8.8CVSS9.3AI score
Exploits0References6
NVD
NVD
added 2020/03/25 10:15 p.m.17 views

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

8.8CVSS9.1AI score0.03191EPSS
Exploits1References6
Prion
Prion
added 2020/03/25 10:15 p.m.26 views

Command injection

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

6.8CVSS9AI score0.03191EPSS
Exploits1References6Affected Software4
Cvelist
Cvelist
added 2020/03/25 9:12 p.m.21 views

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

9.2AI score0.03191EPSS
Exploits1References6
CVE
CVE
added 2020/03/25 9:12 p.m.364 views

CVE-2020-6811

CVE-2020-6811 concerns Mozilla Firefox/Thunderbird where Devtools Network tab’s Copy as cURL did not properly escape the HTTP method. The underlying issue could allow command injection if the generated curl command is pasted into a terminal. Public advisories indicate affected products include Th...

8.8CVSS9.1AI score0.03191EPSS
Exploits1References6Affected Software3
AlpineLinux
AlpineLinux
added 2020/03/25 9:12 p.m.73 views

CVE-2020-6811

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command...

8.8CVSS9.3AI score0.03191EPSS
Exploits1
Rows per page
Query Builder