|
265601
|
6.1 |
MEDIUM
Network
|
apple
mozilla
|
mac_os_x
firefox
|
The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that trigger…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1941
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265602
|
5.3 |
MEDIUM
Network
|
google
mozilla
|
android
firefox
|
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.
|
CWE-17
Code
|
CVE-2016-1940
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265603
|
5.3 |
MEDIUM
Network
|
opensuse
mozilla
|
leap
opensuse
firefox
|
Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vul…
|
CWE-200
Information Exposure
|
CVE-2016-1939
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265604
|
6.5 |
MEDIUM
Network
|
opensuse
mozilla
|
leap
opensuse
nss
firefox
|
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier fo…
|
CWE-310
Cryptographic Issues
|
CVE-2016-1938
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265605
|
6.1 |
MEDIUM
Network
|
mozilla
opensuse
|
firefox
leap
opensuse
|
The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a do…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1937
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265606
|
8.8 |
HIGH
Network
|
opensuse
oracle
mozilla
|
leap
opensuse
linux
firefox
|
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1935
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265607
|
6.5 |
MEDIUM
Network
|
opensuse
mozilla
|
leap
opensuse
firefox
|
Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted G…
|
CWE-189
Numeric Errors
|
CVE-2016-1933
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265608
|
10.0 |
CRITICAL
Network
|
mozilla
opensuse
|
firefox
leap
opensuse
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1931
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265609
|
9.8 |
CRITICAL
Network
|
mozilla
oracle
opensuse
|
firefox
linux
leap
opensuse
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1930
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265610
|
10.0 |
CRITICAL
Network
|
hp
|
operations_manager
|
HPE Operations Manager 8.x and 9.0 on Windows allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
|
CWE-94
Code Injection
|
CVE-2016-1985
|
2024-11-21 11:47 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
