Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2016/12/22 12:0 a.m.50 views

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:3210-1)

MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues : - MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES - MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution - MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating...

9.8CVSS7.8AI score0.21401EPSS
Exploits12References24
Tenable Nessus
Tenable Nessus
added 2016/12/22 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2016:3222-1)

MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues : - MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES - MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution - MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating...

9.8CVSS7.8AI score0.21401EPSS
Exploits12References23
OSV
OSV
added 2016/12/21 9:36 p.m.9 views

SUSE-SU-2016:3222-1 Security update for MozillaFirefox

MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues: MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM...

9.8CVSS8.7AI score0.21401EPSS
Exploits12References12
RedHat Linux
RedHat Linux
added 2016/12/21 10:0 a.m.5 views

Mozilla: Pocket extension does not validate the origin of events (MFSA 2016-94, MFSA 2016-95)

The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10...

7.5CVSS7.4AI score0.01334EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2016/12/20 12:0 a.m.44 views

openSUSE Security Update : MozillaFirefox (openSUSE-2016-1490)

This update to MozillaFirefox 50.1.0 fixes the following vulnerabilities : - CVE-2016-9894: Buffer overflow in SkiaGL - CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements - CVE-2016-9895: CSP bypass using marquee tag - CVE-2016-9896: Use-after-free with WebVR -...

9.8CVSS7.8AI score0.21401EPSS
Exploits12References15
OPENSUSE Linux
OPENSUSE Linux
added 2016/12/16 7:8 p.m.54 views

Security update for MozillaFirefox (important)

This update to MozillaFirefox 50.1.0 fixes the following vulnerabilities: - CVE-2016-9894: Buffer overflow in SkiaGL - CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements - CVE-2016-9895: CSP bypass using marquee tag - CVE-2016-9896: Use-after-free with WebVR -...

0.1AI score0.21401EPSS
Exploits12References2
RedHat Linux
RedHat Linux
added 2016/12/14 10:1 a.m.8 views

Mozilla: Pocket extension does not validate the origin of events (MFSA 2016-94, MFSA 2016-95)

The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not affect users with e10...

7.5CVSS7.4AI score0.01334EPSS
Exploits1References5
Rows per page
Query Builder