exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 14

BDU:2024-06569

11 месяцев назад

Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки

CVSS3: 4.3

EPSS: Низкий

CVE-2024-7524

11 месяцев назад

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.

CVSS3: 6.1

EPSS: Низкий

CVE-2024-7524

11 месяцев назад

CVSS3: 6.1

EPSS: Низкий

CVE-2024-7524

11 месяцев назад

CVSS3: 6.1

EPSS: Низкий

CVE-2024-7524

11 месяцев назад

Firefox adds web-compatibility shims in place of some tracking scripts ...

CVSS3: 6.1

EPSS: Низкий

GHSA-7m9h-4qg6-4hmh

11 месяцев назад

CVSS3: 6.1

EPSS: Низкий

RLSA-2024:5391

около 1 месяца назад

Important: firefox security update

EPSS: Низкий

ELSA-2024-5391

10 месяцев назад

ELSA-2024-5391: firefox security update (IMPORTANT)

EPSS: Низкий

ELSA-2024-5324

9 месяцев назад

ELSA-2024-5324: firefox security update (IMPORTANT)

EPSS: Низкий

ELSA-2024-5322

10 месяцев назад

ELSA-2024-5322: firefox security update (IMPORTANT)

EPSS: Низкий

ROS-20240828-08

10 месяцев назад

Множественные уязвимости thunderbird

CVSS3: 8.8

EPSS: Низкий

ROS-20240828-03

10 месяцев назад

Множественные уязвимости firefox

CVSS3: 8.8

EPSS: Низкий

SUSE-SU-2024:3003-1

10 месяцев назад

Security update for MozillaFirefox

EPSS: Низкий

SUSE-SU-2024:2876-1

10 месяцев назад

Security update for MozillaFirefox

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2024-06569 Уязвимость компонента Content Security Policy браузеров Firefox, Firefox ESR, позволяющая нарушителю осуществлять межсайтовые сценарные атаки	CVSS3: 4.3	0% Низкий	11 месяцев назад
CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.	CVSS3: 6.1	0% Низкий	11 месяцев назад
CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.	CVSS3: 6.1	0% Низкий	11 месяцев назад
CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.	CVSS3: 6.1	0% Низкий	11 месяцев назад
CVE-2024-7524 Firefox adds web-compatibility shims in place of some tracking scripts ...	CVSS3: 6.1	0% Низкий	11 месяцев назад
GHSA-7m9h-4qg6-4hmh Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.	CVSS3: 6.1	0% Низкий	11 месяцев назад
RLSA-2024:5391 Important: firefox security update			около 1 месяца назад
ELSA-2024-5391 ELSA-2024-5391: firefox security update (IMPORTANT)			10 месяцев назад
ELSA-2024-5324 ELSA-2024-5324: firefox security update (IMPORTANT)			9 месяцев назад
ELSA-2024-5322 ELSA-2024-5322: firefox security update (IMPORTANT)			10 месяцев назад
ROS-20240828-08 Множественные уязвимости thunderbird	CVSS3: 8.8		10 месяцев назад
ROS-20240828-03 Множественные уязвимости firefox	CVSS3: 8.8		10 месяцев назад
SUSE-SU-2024:3003-1 Security update for MozillaFirefox			10 месяцев назад
SUSE-SU-2024:2876-1 Security update for MozillaFirefox			10 месяцев назад

Уязвимостей на страницу