|
278871
|
- |
|
cisco
|
ios_xe
|
Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID …
|
CWE-20
Improper Input Validation
|
CVE-2015-0685
|
2024-11-21 11:23 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278872
|
- |
|
mozilla
|
thunderbird
firefox
firefox_esr
|
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0816
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278873
|
- |
|
mozilla
|
thunderbird
firefox
firefox_esr
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2015-0815
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278874
|
- |
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
NVD-CWE-noinfo
|
CVE-2015-0814
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278875
|
- |
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStream…
|
NVD-CWE-Other
|
CVE-2015-0813
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278876
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement …
|
CWE-17
Code
|
CVE-2015-0812
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278877
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive information from process heap memory or cause a denial of service (out-of-bounds read) via an image …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0811
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278878
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements assoc…
|
CWE-20
Improper Input Validation
|
CVE-2015-0810
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278879
|
- |
|
opensuse
canonical
mozilla
|
opensuse
ubuntu_linux
firefox
|
The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox before 37.0 uses incompatible approaches to the deallocation of memory for simple-type arrays, which m…
|
CWE-17
Code
|
CVE-2015-0808
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278880
|
- |
|
mozilla
|
firefox_esr
firefox
thunderbird
|
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight reque…
|
CWE-352
Origin Validation Error
|
CVE-2015-0807
|
2024-11-21 11:23 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
