CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2745
https://notcve.org/view.php?id=CVE-2015-2745
08 Aug 2015 — Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML via the (1) name or (2) title field in card content associated with a search link that is mishandled after a HOME button press or a Show Windows action, as demonstrated by embedding an arbitrary application or spoofing the account-creation page. Vulnerabilidades múltiples de XSS en la aplicación Search en Gaia en Mozilla Firefox OS en versiones anteri... • http://www.mozilla.org/security/announce/2015/mfsa2015-73.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4494
https://notcve.org/view.php?id=CVE-2015-4494
08 Aug 2015 — Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app. Vulnerabilidad en Mozilla Firefox OS en versiones anteriores a 2.2, no requiere el privilegio wifi-manage para leer un mensaje del sistema Wi-Fi, lo que permite a atacantes remotos obtener información potencialmente sensible a través de una aplicación manipulada. • http://www.mozilla.org/security/announce/2015/mfsa2015-76.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 86%CPEs: 49EXPL: 4CVE-2015-4495 – Mozilla Firefox Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2015-4495
07 Aug 2015 — The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. Vulnerabilidad en el lector de PDF en Mozilla Firefox en versiones anteriores a 39.0.3, Firefox ESR 38.x en versiones anteriores a 38.1.1 y Firefox OS en versiones anteriores a 2.2, permite a at... • https://packetstorm.news/files/id/180630 •