538 matches found
CVE-2024-9398
The Mozilla Foundation's Security Advisory: By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed...
CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
DEBIAN-CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
CVE-2024-9398
By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
Security Vulnerabilities fixed in Firefox 131 — Mozilla
A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible.This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffecte...
The vulnerability of the File Protocol Handler component in Cisco Webex Teams software allows attackers to disclose protected information.
The vulnerability of the File Protocol Handler component in Cisco Webex Meetings and Teams software lies in the lack of protection for sensitive data. Exploiting this vulnerability allows a malicious actor to disclose confidential information through a specially crafted link...
Mozilla Thunderbird < 115.12
The version of Thunderbird installed on the remote Windows host is prior to 115.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-28 advisory. - By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if...
CVE-2024-5690
Vulnerability CVE-2024-5690 affects Mozilla Firefox and Thunderbird components via a timing-attack on external protocol handler detection. Affected products explicitly include Firefox < 127, Firefox ESR < 115.12, and Thunderbird
Security Vulnerabilities fixed in Firefox 127 — Mozilla
If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec- headers, meaning there is the potential for incorrect...
RHEL 8 : firefox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - firefox: mixed content warning is not displayed when HTTPS page loads a favicon over HTTP CVE-2018-12403 ...
RHEL 7 : firefox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - firefox: Possible integer overflow to fix inside XMLParse in Expat CVE-2016-9063 - firefox: arbitrary cod...
GLSA-202405-15 : Mozilla Firefox: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202405-15 Mozilla Firefox: Multiple Vulnerabilities - When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects...
Dalli: Code Injection
Background Dalli is a high performance pure Ruby client for accessing memcached servers. Description A vulnerability was found in Dalli. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta Protocol Handler. The manipulation leads to...
GLSA-202405-03 : Dalli: Code Injection
The remote host is affected by the vulnerability described in GLSA-202405-03 Dalli: Code Injection - A vulnerability was found in Dalli. It has been classified as problematic. Affected is the function self.metaset of the file lib/dalli/protocol/meta/requestformatter.rb of the component Meta...
Mobatek MobaXterm 11.1 / 12.1 (CVE-2019-16305)
The version of Mobatek MobaXterm installed on the remote host is 11.1 and 12.1. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-16305 advisory. - In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup...
The vulnerability of the Mozilla Firefox browser is related to errors in processing SameSite cookies, which allows an attacker to compromise the integrity of the protected information.
The vulnerability of the Mozilla Firefox browser is related to errors in processing SameSite cookies when opening a website using the “firefox://” protocol handler. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...
SUSE CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...
CVE-2024-1555
When opening a website using the firefox:// protocol handler, SameSite cookies were not properly respected. This vulnerability affects Firefox 123...