Lucene search
K

6 matches found

Redos
Redos
added 2024/09/23 12:0 a.m.39 views

ROS-20240923-02

Vulnerability of ANGLE library in Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

8.8CVSS9.8AI score0.02155EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/12/27 12:0 a.m.7 views

The vulnerability of full-screen notifications in the Mozilla Firefox and Firefox Focus browsers on Android operating systems allows a perpetrator to compromise data integrity.

The vulnerability of full-screen notifications in Mozilla Firefox and Firefox Focus browsers on Android operating systems is related to errors in processing pop-up notifications. Exploiting this vulnerability can allow a malicious actor to compromise data integrity from a remote location...

5CVSS6.5AI score0.0038EPSS
Exploits0References4Affected Software2
Redos
Redos
added 2023/06/22 12:0 a.m.34 views

ROS-20230622-08

Mozilla Thunderbird email client vulnerability is related to a boundary error in FileReader::DoReadData when reading a file. Exploitation of the vulnerability could allow an attacker acting remotely to cause memory corruption and execute arbitrary code on the target system. memory corruption and...

8.8CVSS8AI score0.00918EPSS
Exploits0
Veracode
Veracode
added 2022/11/23 3:53 a.m.16 views

Cross-site Scripting (XSS)

librenms/librenms is vulnerable to cross-site scripting.The vulnerability exists in destroy function of DeviceGroupController.php and PortGroupController.php due to insufficient input validation in the pop-up notifications which allows an attacker to inject and execute malicious javaScript...

4.8CVSS5.4AI score0.93343EPSS
Exploits0References8Affected Software1
Huntr
Huntr
added 2022/10/20 6:31 p.m.10 views

Stored Cross-Site Scripting (XSS)

Description There is insufficient input validation in the pop-up notifications. Proof of Concept Steps to reproduce: 1. Log in to an admin account 2. Click on Services - Services Templates 3. Create a new Service Template with the Name alertdocument.location 4. The XSS is triggered when the...

6.3AI score
Exploits0
Huntr
Huntr
added 2022/09/21 6:20 p.m.14 views

Stored Cross-Site Scripting (XSS)

Description There is insufficient input validation in the pop-up notifications. Proof of Concept Steps to reproduce: 1. Log in to an admin account 2. Click on Ports - Manage Groups 3. Create a new Port Group with the Name alertdocument.location and an arbitrary Description 4. The XSS is triggered...

4.3CVSS0.8AI score0.93343EPSS
Exploits0
Rows per page
Query Builder