Lucene search
K

56 matches found

RedHat Linux
RedHat Linux
added 2024/09/16 12:10 p.m.4 views

mozilla: SelectElements could be shown over another site if popups are allowed

The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack...

6.1CVSS7.2AI score0.00366EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2024/09/03 3:43 p.m.15 views

CVE-2024-8386

The Mozilla Foundation's Security Advisory: If a site had been granted permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack...

6.1CVSS9.2AI score0.00366EPSS
Exploits0References8
OSV
OSV
added 2024/09/03 1:15 p.m.2 views

DEBIAN-CVE-2024-8386

If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...

6.1CVSS7.2AI score0.00366EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/09/03 1:15 p.m.16 views

CVE-2024-8386

If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...

6.8AI score0.00366EPSS
Exploits0
OSV
OSV
added 2024/09/03 1:15 p.m.8 views

UBUNTU-CVE-2024-8386

If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...

6.1CVSS7.1AI score0.00366EPSS
Exploits0References9
CVE
CVE
added 2024/09/03 12:32 p.m.298 views

CVE-2024-8386

CVE-2024-8386 : A spoofing vulnerability where, if a site has permission to open popup windows, Select elements can appear on top of another site. Affected: Firefox versions before 130, Firefox ESR before 128.2, and Thunderbird before 128.2. Impact is described in external advisories; no exploita...

6.1CVSS6.6AI score0.00366EPSS
Exploits0References6Affected Software2
Vulnrichment
Vulnrichment
added 2024/09/03 12:32 p.m.19 views

CVE-2024-8386

If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2...

6.6AI score0.00366EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/09/03 12:0 a.m.43 views

Mozilla Firefox < 130.0

The version of Firefox installed on the remote Windows host is prior to 130.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-39 advisory. - Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that...

9.8CVSS7.7AI score0.04395EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/05/09 12:0 a.m.5 views

PT-2024-6194 · Unknown +2 · Hdf5 Library +2

Name of the Vulnerable Software and Affected Versions: HDF5 Library versions through 1.14.3 Description: The issue is related to a heap-based buffer overflow in the H5VM array fill function in the H5VM.c file of the HDF5 Library. This overflow can be triggered when the H5S select elements functio...

9CVSS7.9AI score0.00912EPSS
Exploits0References13
CNVD
CNVD
added 2021/06/07 12:0 a.m.26 views

Mozilla Firefox UI spoofing vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a UI spoofing vulnerability that originates when Firefox does not properly render oversized <select> elements, which can be exploited by remote attackers to perform spoofing attacks...

4.3CVSS4.6AI score0.0076EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/01 12:0 a.m.4 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a UI spoofing vulnerability that originates when Firefox does not properly render oversized <select> elements, which can be exploited by remote attackers to perform spoofing attacks...

4.3CVSS8.3AI score0.0076EPSS
Exploits0References9
Veracode
Veracode
added 2020/12/06 3:5 a.m.25 views

Sandbox Restrictions Bypass

chromium is vulnerable to arbitrary code execution. Incorrect lifetime handling in HTML select elements allows a remote attacker to perform a sandbox escape via a malicious HTML page...

9.6CVSS4.2AI score0.01457EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2020/06/08 2:15 p.m.21 views

CVE-2020-7676

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "" elements in "" ones changes parsing behavior, leading to possibly unsanitizing code...

5.4CVSS6.2AI score0.02142EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2020/02/18 8:16 a.m.6 views

Mozilla: Incorrect parsing of template tag could result in JavaScript injection

If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be...

6.1CVSS7.2AI score0.02056EPSS
Exploits0References5
NVD
NVD
added 2019/02/19 5:29 p.m.22 views

CVE-2019-5759

Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.6AI score0.01457EPSS
Exploits0References7
OSV
OSV
added 2019/02/19 5:29 p.m.3 views

DEBIAN-CVE-2019-5759

Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.4AI score0.01457EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/02/19 12:0 a.m.62 views

openSUSE Security Update : chromium (openSUSE-2019-204)

This update for Chromium to version 72.0.3626.96 fixes the following issues : Security issues fixed bsc1123641 and bsc1124936 : - CVE-2019-5784: Inappropriate implementation in V8 - CVE-2019-5754: Inappropriate implementation in QUIC Networking. - CVE-2019-5782: Inappropriate implementation in V8...

9.6CVSS7.2AI score0.12879EPSS
Exploits2References33
Tenable Nessus
Tenable Nessus
added 2019/02/19 12:0 a.m.57 views

Debian DSA-4395-1 : chromium - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2018-17481 A use-after-free issue was discovered in the pdfium library. - CVE-2019-5754 Klzgrad discovered an error in the QUIC networking implementation. - CVE-2019-5755 Jay Bosamiya discovered an implementation erro...

9.6CVSS7.4AI score0.12879EPSS
Exploits2References63
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/18 12:0 a.m.111 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:0204-1 Rating: important References: 1123641 1124936 Cross-References: CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-57...

9.6CVSS6.9AI score0.12879EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2019/02/12 2:46 a.m.5 views

chromium-browser: Use after free in HTML select elements

Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS7.4AI score0.01457EPSS
Exploits0References5
Rows per page
Query Builder