Количество 15
Количество 15
SUSE-SU-2015:1504-1
Security update for MozillaFirefox
ELSA-2015-1693
ELSA-2015-1693: firefox security update (CRITICAL)
CVE-2015-4498
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
CVE-2015-4498
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
CVE-2015-4498
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
CVE-2015-4498
The add-on installation feature in Mozilla Firefox before 40.0.3 and F ...
CVE-2015-4497
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
CVE-2015-4497
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
CVE-2015-4497
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
CVE-2015-4497
Use-after-free vulnerability in the CanvasRenderingContext2D implement ...
SUSE-SU-2015:1476-1
Security update for MozillaFirefox, mozilla-nss
GHSA-v9wp-mjxj-3vqc
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element.
GHSA-9xmm-8mw4-qgc6
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
BDU:2015-11312
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю обойти процедуру подтверждения действий пользователем при установке обновления
BDU:2015-11311
Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2015:1504-1 Security update for MozillaFirefox | почти 10 лет назад | ||
| ELSA-2015-1693 ELSA-2015-1693: firefox security update (CRITICAL) | около 10 лет назад | ||
 | CVE-2015-4498 The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process. | CVSS2: 7.5 | 1% Низкий | почти 10 лет назад |
 | CVE-2015-4498 The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process. | CVSS2: 5.1 | 1% Низкий | около 10 лет назад |
 | CVE-2015-4498 The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process. | CVSS2: 7.5 | 1% Низкий | почти 10 лет назад |
| CVE-2015-4498 The add-on installation feature in Mozilla Firefox before 40.0.3 and F ... | CVSS2: 7.5 | 1% Низкий | почти 10 лет назад |
| CVE-2015-4497 Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element. | CVSS2: 10 | 3% Низкий | почти 10 лет назад |
| CVE-2015-4497 Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element. | CVSS2: 6.8 | 3% Низкий | около 10 лет назад |
| CVE-2015-4497 Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element. | CVSS2: 10 | 3% Низкий | почти 10 лет назад |
| CVE-2015-4497 Use-after-free vulnerability in the CanvasRenderingContext2D implement ... | CVSS2: 10 | 3% Низкий | почти 10 лет назад |
| SUSE-SU-2015:1476-1 Security update for MozillaFirefox, mozilla-nss | почти 10 лет назад | ||
| GHSA-v9wp-mjxj-3vqc Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element. | 3% Низкий | больше 3 лет назад | |
| GHSA-9xmm-8mw4-qgc6 The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process. | 1% Низкий | больше 3 лет назад | |
 | BDU:2015-11312 Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю обойти процедуру подтверждения действий пользователем при установке обновления | CVSS2: 7.5 | 1% Низкий | около 10 лет назад |
| BDU:2015-11311 Уязвимость браузеров Firefox и Firefox ESR, позволяющая нарушителю выполнить произвольный код | CVSS2: 10 | 3% Низкий | около 10 лет назад |
Уязвимостей на страницу