|
215691
|
10.0 |
CRITICAL
Network
|
swarco
|
cpu_ls4000_firmware
|
An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vul…
|
NVD-CWE-Other
|
CVE-2020-12493
|
2024-11-21 13:59 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215692
|
5.5 |
MEDIUM
Local
|
mozilla
canonical
|
thunderbird
firefox
firefox_esr
ubuntu_linux
|
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and past…
|
CWE-22
Path Traversal
|
CVE-2020-12392
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215693
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
|
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opa…
|
CWE-863
Incorrect Authorization
|
CVE-2020-12391
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215694
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
|
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-12390
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215695
|
10.0 |
CRITICAL
Network
|
mozilla
|
firefox
firefox_esr
|
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerab…
|
CWE-20
Improper Input Validation
|
CVE-2020-12389
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215696
|
10.0 |
CRITICAL
Network
|
mozilla
|
firefox
firefox_esr
|
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerab…
|
CWE-20
Improper Input Validation
|
CVE-2020-12388
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215697
|
8.1 |
HIGH
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Fire…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2020-12387
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215698
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
|
Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of thes…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12396
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215699
|
9.8 |
CRITICAL
Network
|
mozilla
canonical
|
thunderbird
firefox
firefox_esr
ubuntu_linux
|
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enoug…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12395
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215700
|
3.3 |
LOW
Local
|
mozilla
|
firefox
|
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulne…
|
NVD-CWE-noinfo
|
CVE-2020-12394
|
2024-11-21 13:59 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
