Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

69 matches found

NVD
NVDadded 2009/04/22 6:30 p.m.21 views

CVE-2009-1309

Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for 1 XMLHttpRequest, involving a mismatch for a document's principal, and 2 XPCNativeWrapper.toString, involving an incorrect proto scope, which allows remote attackers to conduct cross-site...

4.3CVSS5.8AI score0.01757EPSS
Exploits0References31
RedHat Linux
RedHat Linuxadded 2009/04/21 11:44 p.m.2 views

Firefox Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString

Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for 1 XMLHttpRequest, involving a mismatch for a document's principal, and 2 XPCNativeWrapper.toString, involving an incorrect proto scope, which allows remote attackers to conduct cross-site...

4.3CVSS7.3AI score0.01757EPSS
Exploits0References4
OpenVAS
OpenVASadded 2009/03/23 12:0 a.m.34 views

Ubuntu Update for firefox vulnerabilities USN-490-1

Ubuntu Update for Linux kernel vulnerabilities USN-490-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4901.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox vulnerabilities USN-490-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

9.3CVSS0.9AI score0.2528EPSS
Exploits6References2
Tenable Nessus
Tenable Nessusadded 2008/10/07 12:0 a.m.39 views

openSUSE 10 Security Update : seamonkey (seamonkey-5657)

This patch updates SeaMonkey to version 1.1.12, fixing security and other bugs : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before...

10CVSS8.5AI score0.48604EPSS
Exploits15References16
Tenable Nessus
Tenable Nessusadded 2008/10/06 12:0 a.m.230 views

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5655)

This update brings Mozilla Thunderbird to version 2.0.0.17. It contains the following security fixes: MFSA 2008-46 / CVE-2008-4070: Heap overflow when canceling a newsgroup message MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters...

10CVSS8.6AI score0.48604EPSS
Exploits16References15
RedHat Linux
RedHat Linuxadded 2008/10/01 3:33 p.m.2 views

Mozilla privilege escalation via XPCnativeWrapper pollution

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...

7.5CVSS6.2AI score0.02018EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2008/10/01 3:33 p.m.3 views

Mozilla privilege escalation via XPCnativeWrapper pollution

The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element...

7.5CVSS6.2AI score0.07556EPSS
Exploits1References4
securityvulns
securityvulnsadded 2008/09/29 12:0 a.m.86 views

Mozilla Foundation Security Advisory 2008-41

Mozilla Foundation Security Advisory 2008-41 Title: Privilege escalation via XPCnativeWrapper pollution Impact: Critical Announced: September 23, 2008 Reporter: mozbugra4, Olli Pettay Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.2 Firefox 2.0.0.17 Thunderbird 2.0.0.17 SeaMonkey...

7.5CVSS0.7AI score0.07556EPSS
Exploits1
RedHat Linux
RedHat Linuxadded 2008/09/24 2:4 a.m.0 views

Mozilla privilege escalation via XPCnativeWrapper pollution

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to 1 chrome XBL and 2 chrome JS...

7.5CVSS7.7AI score0.0348EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2008/09/24 1:42 a.m.2 views

Mozilla privilege escalation via XPCnativeWrapper pollution

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...

7.5CVSS6.2AI score0.02018EPSS
Exploits1References4
Mozilla
Mozillaadded 2008/09/23 12:0 a.m.36 views

Privilege escalation via XPCnativeWrapper pollution — Mozilla

Mozilla security researcher mozbugra4 reported a series of vulnerabilities by which page content can pollute XPCNativeWrappers and have arbitrary code run with chrome privileges. One variant reported by mozbugra4 only affected Firefox 2...

7.5CVSS4.3AI score0.07556EPSS
Exploits1References6Affected Software3
OpenVAS
OpenVASadded 2008/06/17 12:0 a.m.37 views

Mozilla Firefox, Thunderbird, Seamonkey. Several vulnerabilitys (Linux)

The remote host is probable affected by the vulnerabilitys described in CVE-2008-0416, CVE-2007-4879, CVE-2008-1195, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241 and more. Impact Mozilla contributors mozbugra4, Boris Zbarsk...

9.3CVSS0.1AI score0.31817EPSS
Exploits4References1
Tenable Nessus
Tenable Nessusadded 2008/05/13 12:0 a.m.42 views

Debian DSA-1574-1 : icedove - several vulnerabilities

This shares a lot of text with dsa-1532.wml, dsa-1534.wml, dsa-1535.wml Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : -...

9.3CVSS8.4AI score0.31817EPSS
Exploits3References13
RedHat Linux
RedHat Linuxadded 2008/04/03 2:44 p.m.0 views

Mozilla products XPCNativeWrapper pollution

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."...

6.8CVSS7.8AI score0.24819EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2008/03/31 12:0 a.m.46 views

Debian DSA-1532-1 : xulrunner - several vulnerabilities

This shares a lot of text with dsa-1534.wml, dsa-1535.wml, dsa-1574.wml Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-4879 Peter Broderse...

9.3CVSS8.3AI score0.31817EPSS
Exploits4References21
Debian
Debianadded 2008/03/30 12:22 p.m.40 views

[SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1535-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 30, 2008 http://www.debian.org/security/faq -...

9.3CVSS7.6AI score0.31817EPSS
Exploits4
Debian
Debianadded 2008/03/28 1:48 p.m.48 views

[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1534-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28, 2008 http://www.debian.org/security/faq -...

9.3CVSS7.6AI score0.31817EPSS
Exploits4
RedHat Linux
RedHat Linuxadded 2008/03/27 11:0 p.m.2 views

Mozilla products XPCNativeWrapper pollution

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."...

6.8CVSS7.8AI score0.24819EPSS
Exploits1References4
Debian
Debianadded 2008/03/27 10:1 p.m.54 views

[SECURITY] [DSA 1532-1] New xulrunner packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1532-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 27, 2008 http://www.debian.org/security/faq -...

9.3CVSS7.6AI score0.31817EPSS
Exploits4
Prion
Prionadded 2008/03/27 10:44 a.m.23 views

Code injection

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."...

6.8CVSS7.7AI score0.24819EPSS
Exploits1References51Affected Software3
Rows per page
Query Builder