Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8286 matches found

RedHat Linux
RedHat Linuxadded 2010/07/21 1:0 a.m.4 views

Mozilla Cross-origin data disclosure via Web Workers and importScripts

The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Polic...

4.3CVSS7.4AI score0.00186EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2010/07/21 12:24 a.m.44 views

Critical: Red Hat Security Advisory: seamonkey security update

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

9.8CVSS7.1AI score0.14816EPSS
Exploits15References7
Tenable Nessus
Tenable Nessusadded 2010/07/21 12:0 a.m.18 views

Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities

Binary data 5609.prm...

9.8CVSS7.3AI score0.14816EPSS
Exploits19References20
Tenable Nessus
Tenable Nessusadded 2010/07/21 12:0 a.m.42 views

Mozilla Thunderbird 3.1.x < 3.1.1 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 3.1.1. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could result in memory corruption, potentially resulting in arbitrary code execution. MFSA 2010-34 - It may be possible to run...

9.8CVSS7.6AI score0.14816EPSS
Exploits20References21
Tenable Nessus
Tenable Nessusadded 2010/07/21 12:0 a.m.11 views

Firefox 3.6.x < 3.6.7 Multiple Vulnerabilities

Binary data 800780.prm...

9.8CVSS7.3AI score0.14816EPSS
Exploits27References31
Tenable Nessus
Tenable Nessusadded 2010/07/21 12:0 a.m.210 views

Mozilla Firefox 3.6.x < 3.6.7 Multiple Vulnerabilities

Binary data 5607.prm...

9.8CVSS7.3AI score0.14816EPSS
Exploits27References31
Mozilla
Mozillaadded 2010/07/20 12:0 a.m.38 views

Cross-origin data disclosure via Web Workers and importScripts — Mozilla

Security researcher Yosuke Hasegawa reported that the Web Worker method importScripts can read and parse resources from other domains even when the content is not valid JavaScript. This is a violation of the same-origin policy and could be used by an attacker to steal information from other sites...

4.3CVSS2.1AI score0.00186EPSS
Exploits1References2Affected Software3
Mozilla
Mozillaadded 2010/07/20 12:0 a.m.25 views

Same-origin bypass using canvas context — Mozilla

Mozilla developer Vladimir Vukicevic reported that a canvas element can be used to read data from another site, violating the same-origin policy. The read restriction placed on a canvas element which has had cross-origin data rendered into it can be bypassed by retaining a reference to the canvas...

4.3CVSS2.4AI score0.00421EPSS
Exploits1References2Affected Software2
OpenVAS
OpenVASadded 2010/07/02 12:0 a.m.32 views

Mozilla Firefox Address Bar Spoofing Vulnerability june-10 (Windows)

The host is installed with Mozilla Firefox and is prone to spoofing vulnerability. OpenVAS Vulnerability Test $Id: secpodmozillafirefoxspoofingvulnwinjun10.nasl 5394 2017-02-22 09:22:42Z teissa $ Mozilla Firefox Address Bar Spoofing Vulnerability june-10 Windows Authors: Antu Sanadi Copyright:...

4.3CVSS9.4AI score0.0046EPSS
Exploits1References3
OpenVAS
OpenVASadded 2010/07/02 12:0 a.m.30 views

Mozilla Firefox Address Bar Spoofing Vulnerability (Jun 2010) - Windows

Mozilla Firefox is prone to spoofing vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.4AI score0.0046EPSS
Exploits1References3
NVD
NVDadded 2010/06/25 7:30 p.m.21 views

CVE-2010-1206

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is...

4.3CVSS8.9AI score0.0046EPSS
Exploits1References6
Prion
Prionadded 2010/06/25 7:30 p.m.22 views

Design/Logic Flaw

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is...

4.3CVSS6.6AI score0.0046EPSS
Exploits1References6Affected Software2
Cvelist
Cvelistadded 2010/06/25 7:0 p.m.27 views

CVE-2010-1206

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is...

9AI score0.0046EPSS
Exploits1References6
CVE
CVEadded 2010/06/25 7:0 p.m.109 views

CVE-2010-1206

CVE-2010-1206 affects Mozilla Firefox and SeaMonkey. The startDocumentLoad function in Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, bypasses the Same Origin Policy under conditions involving an about:blank document and a currently loading document. This enables ...

4.3CVSS8.8AI score0.0046EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCveadded 2010/06/25 12:0 a.m.26 views

CVE-2010-1206

The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, does not properly implement the Same Origin Policy in certain circumstances related to the about:blank document and a document that is...

4.3CVSS7.2AI score0.0046EPSS
Exploits1References3
ThreatPost
ThreatPostadded 2010/06/22 8:27 p.m.7 views

New Firefox Flaw Enables URL Spoofing, Code Injection

A prominent security researcher has identified a problem with the way that Mozilla Firefox handles links that are opened in a new browser window or tab, enabling attackers to inject arbitrary code into the new window or tab while still keeping a deceptive URL in the browser’s address bar. The...

0.6AI score
Exploits0References6
NVD
NVDadded 2010/06/15 6:0 p.m.24 views

CVE-2010-2296

The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...

9.3CVSS6.2AI score0.0039EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2010/06/15 6:0 p.m.35 views

CVE-2010-2296

The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...

9.3CVSS5.9AI score0.0039EPSS
Exploits0References1
Prion
Prionadded 2010/06/15 6:0 p.m.21 views

Information disclosure

The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors...

9.3CVSS6.7AI score0.0039EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVEadded 2010/06/15 5:48 p.m.26 views

CVE-2010-2296

Removed by vendor...

9.3CVSS6.7AI score0.0039EPSS
Exploits0
Rows per page
Query Builder