| Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 173488 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2020-08-10 | CVE-2020-15658 | cve | The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading t... |
| N/A | 2020-08-10 | CVE-2020-15657 | cve | Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation... |
| N/A | 2020-08-10 | CVE-2020-15656 | cve | JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in t... |
| N/A | 2020-08-10 | CVE-2020-15655 | cve | A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. T... |
| N/A | 2020-08-10 | CVE-2020-15654 | cve | When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could le... |
| N/A | 2020-08-10 | CVE-2020-15653 | cve | An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configur... |
| N/A | 2020-08-10 | CVE-2020-15652 | cve | By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed... |
| 4.3 | 2020-08-10 | CVE-2020-15651 | cve | A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability... |
| 5.5 | 2020-08-10 | CVE-2020-15650 | cve | Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *N... |
| 5.5 | 2020-08-10 | CVE-2020-15649 | cve | Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: Thi... |
| 6.5 | 2020-08-10 | CVE-2020-15648 | cve | Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 7... |
| 7.4 | 2020-08-10 | CVE-2020-15647 | cve | A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies f... |
| N/A | 2020-08-10 | CVE-2020-9529 | cve | Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege e... |
| N/A | 2020-08-10 | CVE-2020-9528 | cve | Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic... |
| N/A | 2020-08-10 | CVE-2020-9527 | cve | Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devi... |
| N/A | 2020-08-10 | CVE-2020-9526 | cve | CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the net... |
| N/A | 2020-08-10 | CVE-2020-9525 | cve | CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle a... |
| 5.5 | 2020-08-10 | CVE-2020-8229 | cve | A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system. |
| 7.8 | 2020-08-10 | CVE-2020-8224 | cve | A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory. |
| 8.8 | 2020-08-10 | CVE-2020-6145 | cve | An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacke... |
| Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 173488 |
