CVSS: 3.5EPSS: 0%CPEs: 12EXPL: 0CVE-2015-4078
https://notcve.org/view.php?id=CVE-2015-4078
23 Mar 2017 — Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configured to use SSL/TLS, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE). Cloudera Navigator 2.2.x en versiones anteriores a 2.2.4 y 2.3.x en versiones anteriores a 2.3.3 incluyen soporte para SSLv3 cuando está configurado para utilizar SSL/TLS, lo que hace más fácil a atacantes man-in-the-middle obtener datos en tex... • https://www.cloudera.com/documentation/other/security-bulletins/topics/csb_topic_1.html#concept_o1q_wrm_js • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 6%CPEs: 6EXPL: 3CVE-2006-2894 – Mozilla Firefox 1.x - JavaScript Key Filtering
https://notcve.org/view.php?id=CVE-2006-2894
07 Jun 2006 — Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the ... • https://www.exploit-db.com/exploits/27987 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 27%CPEs: 11EXPL: 1CVE-2005-4134 – Mozilla Firefox 0.x/1.x - Large History File Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-4134
09 Dec 2005 — Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this ... • https://www.exploit-db.com/exploits/26762 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2000-1187
https://notcve.org/view.php?id=CVE-2000-1187
09 Jan 2001 — Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-1999-0827
https://notcve.org/view.php?id=CVE-1999-0827
01 Nov 1999 — By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0827 •