Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27558

Malicious code in bioql PyPI...

6.1CVSS7.9AI score0.00598EPSS
Exploits1References6
OSV
OSV
added 2024/04/27 6:26 a.m.3 views

MGASA-2024-0153 Updated firefox packages fix security vulnerabilities

CVE-2024-3852: GetBoundName in the JIT returned the wrong object CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection CVE-2024-2609: Permission prompt input delay could expire when not ...

8.8CVSS6.8AI score0.00847EPSS
Exploits2References4
OSV
OSV
added 2024/04/25 5:26 p.m.4 views

SUSE-SU-2024:1437-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 115.10.1 Security fixes MFSA 2024-20 bsc1222535: - CVE-2024-3852: GetBoundName in the JIT returned the wrong object bmo1883542 - CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement...

9.8CVSS9.3AI score0.00847EPSS
Exploits2References11
RedHat Linux
RedHat Linux
added 2024/04/22 8:38 a.m.5 views

Mozilla: Permission prompt input delay could expire when not in focus

The Mozilla Foundation Security Advisory describes this flaw as: The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites...

6.1CVSS7.3AI score0.00598EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/04/19 12:0 a.m.29 views

Debian dla-3790 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3790 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3790-1 [email protected]...

8.8CVSS7.6AI score0.00847EPSS
Exploits2References18
RedHat Linux
RedHat Linux
added 2024/04/18 10:15 a.m.5 views

Mozilla: Permission prompt input delay could expire when not in focus

The Mozilla Foundation Security Advisory describes this flaw as: The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites...

6.1CVSS7.3AI score0.00598EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2024/04/18 9:58 a.m.4 views

Mozilla: Permission prompt input delay could expire when not in focus

The Mozilla Foundation Security Advisory describes this flaw as: The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites...

6.1CVSS7.3AI score0.00598EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/04/18 12:0 a.m.22 views

RHEL 8 : firefox (RHSA-2024:1911)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1911 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS7.5AI score0.00847EPSS
Exploits2References17
OSV
OSV
added 2024/04/16 4:3 p.m.3 views

SUSE-SU-2024:1319-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR MSFA 2024-19 bsc1222535: - CVE-2024-3852: GetBoundName in the JIT returned the wrong object - CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement - CVE-2024-3857:...

9.8CVSS6.4AI score0.00847EPSS
Exploits2References11
OSV
OSV
added 2024/03/19 12:15 p.m.1 views

DEBIAN-CVE-2024-2609

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

6.1CVSS7AI score0.00598EPSS
Exploits1References1
OSV
OSV
added 2024/03/19 12:15 p.m.7 views

CVE-2024-2609

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

6.1CVSS6AI score
Exploits0References6
Cvelist
Cvelist
added 2024/03/19 12:2 p.m.30 views

CVE-2024-2609

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

5.6AI score0.00598EPSS
Exploits1References6
OSV
OSV
added 2024/03/19 12:0 a.m.2 views

UBUNTU-CVE-2024-2609

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

6.1CVSS6.9AI score0.00598EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/11/24 2:1 a.m.1 views

SUSE CVE-2023-6206

The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox 12...

5.4CVSS8.6AI score0.00558EPSS
Exploits0References8
OSV
OSV
added 2019/07/23 2:15 p.m.3 views

CVE-2019-11697

If the ALT and "a" keys are pressed when users receive an extension installation prompt, the extension will be installed without the install prompt delay that keeps the prompt visible in order for users to accept or decline the installation. A malicious web page could use this with spoofing on th...

6.5CVSS7AI score0.00846EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/07/23 1:22 p.m.23 views

CVE-2019-11697

If the ALT and "a" keys are pressed when users receive an extension installation prompt, the extension will be installed without the install prompt delay that keeps the prompt visible in order for users to accept or decline the installation. A malicious web page could use this with spoofing on th...

6.5CVSS8.1AI score0.00846EPSS
Exploits0
securityvulns
securityvulns
added 2007/06/04 12:0 a.m.34 views

[Full-disclosure] Assorted browser vulnerabilities

Hello, Will keep it brief. A couple of browser bugs, fresh from the oven, hand crafted with love: 1 Title : MSIE page update race condition CRITICAL Impact : cookie stealing / setting, page hijacking, memory corruption Demo : http://lcamtuf.coredump.cx/ierace/ ...aka the bait & switch...

7.6AI score
Exploits0
Rows per page
Query Builder