[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15162 Download | Alert*

The host is installed with Google Chrome before 84.0.4147.89 or Microsoft Edge Chromium before 84.0.522.40 and is prone to an unknown vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

Mozilla Firefox 80 : When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack.

Mozilla Firefox 80 : During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data.

Mozilla Firefox 80, Mozilla Firefox ESR 68.12, Mozilla Firefox ESR 78.2, Mozilla Thunderbird 68.12 and Mozilla Thunderbird 78.2 : If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with administrative privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the vers ...

Mozilla Firefox 80, Mozilla Firefox ESR 68.12, Mozilla Firefox ESR 78.2, Mozilla Thunderbird 68.12 and Mozilla Thunderbird 78.2 : By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an u ...

Mozilla Firefox 80 : Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors.

Mozilla Firefox 80 : When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status to services or device discovery on a local network among other attacks.

The host is installed with Google Chrome before 68.0.3440.75 or Mozilla Firefox before 70.0 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via <code>drop</code> event data. This allows for the theft of b ...

Mozilla Firefox 67 : A malicious page can briefly cause the wrong name to be highlighted as the domain name in the addressbar during page navigations. This could result in user confusion of which site is currently loaded for spoofing attacks.


Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   1516

© SecPod Technologies