Page 235 of 2107 results (0.034 seconds)

CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 0

CVE-2016-1959

https://notcve.org/view.php?id=CVE-2016-1959

The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via unspecified use of the Clients API. La clase ServiceWorkerManager en Mozilla Firefox en versiones anteriores a 45.0 permite a atacantes remotos ejecutar código arbitrario o causar una denegación del servicio (lectura fuera de rango y corrupción de memoria) a través del uso no especificado de la API Clients. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://www.mozilla.org/security/announce/2016/mfsa2016-22.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com/usn/USN-2917-1 http://www.ubuntu.com/usn/USN-2917-2 http://www.ubuntu.com/usn/USN-2917-3 https://bugzilla.mozilla.org/show_bug.cgi?id=1234949 https://security.gentoo.org/glsa/201605-06 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0

CVE-2016-1968

https://notcve.org/view.php?id=CVE-2016-1968

Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression. Desbordamiento inferior de entero en Brotli, como se utiliza en Mozilla Firefox en versiones anteriores a 45.0, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (desbordamiento de buffer) a través de datos manipulados con compresión brotli. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://www.mozilla.org/security/announce/2016/mfsa2016-30.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com/usn/USN-2917-1 http://www.ubuntu.com/usn/USN-2917-2 http://www.ubuntu.com/usn/USN-2917-3 https://bugzilla.mozilla.org/show_bug.cgi?id=1246742 https://security.gentoo.org/glsa/201605-06 • CWE-189: Numeric Errors •

CVSS: 8.8EPSS: 1%CPEs: 19EXPL: 0

CVE-2016-1953

https://notcve.org/view.php?id=CVE-2016-1953

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors. Múltiples vulnerabilidades no especificadas en el navegador en Mozilla Firefox en versiones anteriores a 45.0 permite a atacantes remotos causar una denegación de servicio (corrupción de la memoria o caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores en relación con js/src/jit/arm/Assembler-arm.cpp, y otros vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html http://lists.opensuse.org/opensuse-security-announce/2016-07 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-1955

https://notcve.org/view.php?id=CVE-2016-1955

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. Mozilla Firefoz en versiones anteriores a 45.0 permite a atacantes remotos eludir la Same Origin Policy y obtener información sensible leyendo un informe de violación de Content Security Policy (CSP) que contiene información de ruta asociada con un elemento IFRAME. • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html http://www.mozilla.org/security/announce/2016/mfsa2016-18.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.1EPSS: 1%CPEs: 6EXPL: 0

CVE-2016-1956

https://notcve.org/view.php?id=CVE-2016-1956

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader. Mozilla Firefox en versiones anteriores a 45.0 en Linux, cuando se utiliza un controlador de video Intel, permite a atacantes remotos causar una denegación de servicio (consumo de la memoria o corrupción de la memoria de pila) desencadenando el uso de un sombreador WebGL." • http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.html http://www.mozilla.org/security/announce/2016/mfsa2016-19.html http://www.securitytracker.com/id/1035215 http://www.ubuntu.com&# • CWE-399: Resource Management Errors •