Page 118 of 680 results (0.011 seconds)

CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0

CVE-2014-1494

https://notcve.org/view.php?id=CVE-2014-1494

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-15.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=627295 https://b •

CVSS: 10.0EPSS: 1%CPEs: 26EXPL: 7

CVE-2014-1493 – Mozilla: Miscellaneous memory safety hazards (rv:24.4) (MFSA 2014-15)

https://notcve.org/view.php?id=CVE-2014-1493

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://rhn.redhat.com/errata/RHSA-2014-0310.html http://rhn.redhat.com/errata/RHSA-2014-0316.html http://www.debian.org/security/2014/dsa-2881 http://www.debian.org/security/2014/dsa-2911 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

CVE-2014-1499

https://notcve.org/view.php?id=CVE-2014-1499

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos falsificar el nombre del dominio en la solicitud de permisos de (1) cámara o (2) micrófono en WebRTC provocando navegación en cierto momento durante la generación de esta petición. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-19.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=961512 https://s •

CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2014-1502

https://notcve.org/view.php?id=CVE-2014-1502

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. Las funciones (1) WebGL.compressedTexImage2D y (2) WebGL.compressedTexSubImage2D en Mozilla Firefox anterior a 28.0 y SeaMonkey anterior a 2.25 permiten a atacantes remotos evadir Same Origin Policy y renderizar contenido en un dominio diferente a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-22.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=972622 https://s • CWE-346: Origin Validation Error •

CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 1

CVE-2014-1505 – Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)

https://notcve.org/view.php?id=CVE-2014-1505

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. La implementación del filtro SVG en Mozilla Firefox anterior a 28.0, Firefox ESR 24.x anterior a 24.4, Thunderbird anterior a 24.4 y SeaMonkey anterior a 2.25 permite a atacantes remotos obtener información sensible de correlación de desplazamiento, y posiblemente evadir Same Origin Policy y leer texto de un dominio diferente, a través de ataques de tiempos involucrando elementos feDisplacementMap, un problema relacionado con CVE-2013-1693. • http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html http://rhn.redhat.com/errata/RHSA-2014-0310.html http://rhn.redhat.com/errata/RHSA-2014-0316.html http://www.debian.org/security/2014/dsa-2881 http://www.debian.org/security/2014/dsa-2911 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •