CVE-2011-5266
Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.
Source: CVE-2011-5266
[월:] 2020년 01월
CVE-2020-6621
CVE-2020-6621
stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT.
Source: CVE-2020-6621
CVE-2020-6620
CVE-2020-6620
stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.
Source: CVE-2020-6620
CVE-2020-6619
CVE-2020-6619
stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.
Source: CVE-2020-6619
CVE-2019-9812
CVE-2019-9812
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69.
Source: CVE-2019-9812
CVE-2019-17019
CVE-2019-17019
When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 72.
Source: CVE-2019-17019
CVE-2019-17017
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Source: CVE-2019-17017
CVE-2019-17012
CVE-2019-17012
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
Source: CVE-2019-17012
CVE-2019-17013
CVE-2019-17013
Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71.
Source: CVE-2019-17013
CVE-2019-17025
CVE-2019-17025
Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72.
Source: CVE-2019-17025