Lucene search
K

698 matches found

Tenable Nessus
Tenable Nessus
added 2018/10/24 12:0 a.m.43 views

FreeBSD : mozilla -- multiple vulnerabilities (7c3a02b9-3273-4426-a0ba-f90fad2ff72e)

Mozilla Foundation reports : CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin CVE-2018-12392: Crash with nested event loops CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript CVE-2018-12395: WebExtension bypass of domain restrictions through...

9.8CVSS7.5AI score0.03924EPSS
Exploits0References17
OSV
OSV
added 2018/10/24 12:0 a.m.2 views

UBUNTU-CVE-2018-12402

The internal WebBrowserPersist code does not use correct origin context for a resource being saved. This manifests when sub-resources are loaded as part of "Save Page As..." functionality. For example, a malicious page could recover a visitor's Windows username and NTLM hash by including resource...

6.5CVSS7AI score0.01406EPSS
Exploits0References4
Mozilla
Mozilla
added 2018/10/23 12:0 a.m.550 views

Security vulnerabilities fixed in Firefox 63 — Mozilla

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.8CVSS0.4AI score0.03924EPSS
Exploits0References16Affected Software1
Kaspersky
Kaspersky
added 2018/10/23 12:0 a.m.584 views

KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities were found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, read local files, spoof user interface and execute arbitrary code. Below is a comple...

9.8CVSS9.6AI score0.03924EPSS
Exploits0References5
NVD
NVD
added 2018/10/18 1:29 p.m.18 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8.8CVSS8.1AI score0.01071EPSS
Exploits0References5
Prion
Prion
added 2018/10/18 1:29 p.m.20 views

Cross site request forgery (csrf)

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

6.8CVSS8.5AI score0.01071EPSS
Exploits0References5Affected Software2
Debian CVE
Debian CVE
added 2018/10/18 1:0 p.m.23 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8.8CVSS9.4AI score0.01071EPSS
Exploits0
Cvelist
Cvelist
added 2018/10/18 1:0 p.m.16 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8AI score0.01071EPSS
Exploits0References5
CVE
CVE
added 2018/10/18 1:0 p.m.157 views

CVE-2018-12370

CVE-2018-12370 : In Firefox Reader View, SameSite cookie protections are not checked on exit, allowing a payload to trigger when Reader View is left if loaded from a malicious site while Reader mode is active, bypassing CSRF protections. Affected products are Firefox versions earlier than 61.0. C...

8.8CVSS7.9AI score0.01071EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/08/21 12:0 a.m.28 views

Mozilla Firefox < 61 Multiple Vulnerabilities

Binary data 700330.prm...

9.8CVSS7.3AI score0.04831EPSS
Exploits3References18
CNVD
CNVD
added 2018/07/03 12:0 a.m.3 views

Mozilla Firefox Security Restriction Bypass Vulnerability (CNVD-2018-14988)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 61, which stems from the program's failure to detect protection for SameSite cookies. An attacker could use this vulnerabilit...

8.8CVSS8.6AI score0.01071EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/06/27 1:23 a.m.24 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8.8CVSS4AI score0.01071EPSS
Exploits0References2
OSV
OSV
added 2018/06/27 12:0 a.m.1 views

UBUNTU-CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8.8CVSS7AI score0.01071EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/06/27 12:0 a.m.23 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8.8CVSS7AI score0.01071EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/06/27 12:0 a.m.39 views

FreeBSD : mozilla -- multiple vulnerabilities (cd81806c-26e7-4d4a-8425-02724a2f48af)

Mozilla Foundation reports : CVE-2018-12359: Buffer overflow using computed size of canvas element CVE-2018-12360: Use-after-free when using focus CVE-2018-12361: Integer overflow in SwizzleData CVE-2018-12358: Same-origin bypass using service worker and redirection CVE-2018-12362: Integer overfl...

9.8CVSS7.3AI score0.04831EPSS
Exploits3References22
Mozilla
Mozilla
added 2018/06/26 12:0 a.m.550 views

Security vulnerabilities fixed in Firefox 61 — Mozilla

A buffer overflow can occur when rendering canvas content while adjusting the height and width of the element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. A use-after-free vulnerability can occur when deleti...

9.8CVSS9.5AI score0.04647EPSS
Exploits0References19Affected Software1
Kaspersky
Kaspersky
added 2018/06/26 12:0 a.m.208 views

KLA11271 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service and obtain sensitive information. Below is a complete list of...

9.8CVSS10AI score0.04831EPSS
Exploits3References6
Microsoft KB
Microsoft KB
added 2018/06/12 7:0 a.m.164 views

June 12, 2018—KB4284835 (OS Build 17134.112)

June 12, 2018—KB4284835 OS Build 17134.112 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides protections from an additional subclass of speculative execution side channel...

9.3CVSS7.3AI score0.7131EPSS
Exploits10
Rows per page
Query Builder