|
266731
|
4.6 |
MEDIUM
Physics
|
novell
linux
canonical
|
suse_linux_enterprise_module_for_public_cloud
suse_linux_enterprise_server
suse_linux_enterprise_live_patching
suse_linux_enterprise_real_time_extension
suse_linux_enterprise_desktop
s…
|
The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system c…
|
NVD-CWE-Other
|
CVE-2016-2188
|
2024-11-21 11:48 |
2016-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266732
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0 does not properly restrict the origin of events, which makes it easier for remote attackers to modify…
|
CWE-284
Improper Access Control
|
CVE-2016-2820
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266733
|
5.4 |
MEDIUM
Network
|
mozilla
|
firefox
|
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox before 46.0 does not properly restrict principal inheritance during chrome.tabs.create and chrome.tabs…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2817
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266734
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
|
CWE-284
Improper Access Control
|
CVE-2016-2816
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266735
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-2814
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266736
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's phys…
|
CWE-200
Information Exposure
|
CVE-2016-2813
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266737
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
|
Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a …
|
CWE-362
Race Condition
|
CVE-2016-2812
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266738
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the…
|
NVD-CWE-Other
|
CVE-2016-2811
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266739
|
5.0 |
MEDIUM
Local
|
mozilla
|
firefox
|
Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2810
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266740
|
5.5 |
MEDIUM
Local
|
mozilla
|
firefox
|
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-2809
|
2024-11-21 11:48 |
2016-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
