exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 18 769

CVE-2024-6614

5 месяцев назад

The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6612

5 месяцев назад

CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6611

5 месяцев назад

A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6610

5 месяцев назад

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6608

5 месяцев назад

It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6604

5 месяцев назад

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6603

5 месяцев назад

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6601

5 месяцев назад

A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

EPSS: Низкий

CVE-2024-6531

около 1 месяца назад

Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.

EPSS: Низкий

CVE-2024-6505

9 месяцев назад

CVSS3: 6.8

EPSS: Низкий

CVE-2024-6485

2 месяца назад

XSS in Bootstrap button component

CVSS3: 6.4

EPSS: Низкий

CVE-2024-6484

7 месяцев назад

CVSS3: 6.1

EPSS: Низкий

CVE-2024-6387

больше 1 года назад

RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling

CVSS3: 8.1

EPSS: Средний

CVE-2024-6345

больше 1 года назад

CVSS3: 8.8

EPSS: Низкий

CVE-2024-6293

больше 1 года назад

Chromium: CVE-2024-6293 Use after free in Dawn

EPSS: Низкий

CVE-2024-6292

больше 1 года назад

Chromium: CVE-2024-6292 Use after free in Dawn

EPSS: Низкий

CVE-2024-6291

больше 1 года назад

Chromium: CVE-2024-6291 Use after free in Swiftshader

EPSS: Низкий

CVE-2024-6290

больше 1 года назад

Chromium: CVE-2024-6290 Use after free in Dawn

EPSS: Низкий

CVE-2024-6257

больше 1 года назад

HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation

CVSS3: 8.4

EPSS: Низкий

CVE-2024-6232

больше 1 года назад

Regular-expression DoS when parsing TarFile headers

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-6614 The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability affects Firefox < 128 and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6612 CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6611 A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.		1% Низкий	5 месяцев назад
CVE-2024-6610 Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6608 It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6604 Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6603 In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6601 A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.		0% Низкий	5 месяцев назад
CVE-2024-6531 Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.			около 1 месяца назад
CVE-2024-6505	CVSS3: 6.8	0% Низкий	9 месяцев назад
CVE-2024-6485 XSS in Bootstrap button component	CVSS3: 6.4	0% Низкий	2 месяца назад
CVE-2024-6484	CVSS3: 6.1		7 месяцев назад
CVE-2024-6387 RedHat Openssh: CVE-2024-6387 Remote Code Execution Due To A Race Condition In Signal Handling	CVSS3: 8.1	26% Средний	больше 1 года назад
CVE-2024-6345	CVSS3: 8.8	5% Низкий	больше 1 года назад
CVE-2024-6293 Chromium: CVE-2024-6293 Use after free in Dawn		0% Низкий	больше 1 года назад
CVE-2024-6292 Chromium: CVE-2024-6292 Use after free in Dawn		0% Низкий	больше 1 года назад
CVE-2024-6291 Chromium: CVE-2024-6291 Use after free in Swiftshader		0% Низкий	больше 1 года назад
CVE-2024-6290 Chromium: CVE-2024-6290 Use after free in Dawn		0% Низкий	больше 1 года назад
CVE-2024-6257 HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation	CVSS3: 8.4	0% Низкий	больше 1 года назад
CVE-2024-6232 Regular-expression DoS when parsing TarFile headers	CVSS3: 7.5	3% Низкий	больше 1 года назад

Уязвимостей на страницу