| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85. |
| Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 85. |
| Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. |
| An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. |
| The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85. |
| Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. |
| An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85. |
| The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85. |
| Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. |
| If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. |
| A DNS proxy and possible amplification attack vulnerability in WebClientInfo of Apache Wicket allows an attacker to trigger arbitrary DNS lookups from the server when the X-Forwarded-For header is not properly sanitized. This DNS lookup can be engineered to overload an internal DNS server or to slow down request processing of the Apache Wicket application causing a possible denial of service on either the internal infrastructure or the web application itself. This issue affects Apache Wicket Apache Wicket 9.x version 9.2.0 and prior versions; Apache Wicket 8.x version 8.11.0 and prior versions; Apache Wicket 7.x version 7.17.0 and prior versions and Apache Wicket 6.x version 6.2.0 and later versions. |
| OX App Suite through 7.10.4 allows XSS via the subject of a task. |
| OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code. |
| OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code. |
| OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL. |
| OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename. |
| OX App Suite through 7.10.4 allows XSS via an inline binary file. |
| OX App Suite through 7.10.4 allows XSS via use of the conversion API for a distributedFile. |
| OX App Suite through 7.10.4 allows XSS via a crafted Content-Disposition header in an uploaded HTML document to an ajax/share/<share-token>?delivery=view URI. |
| OX App Suite through 7.10.3 allows XSS via the ajax/apps/manifests query string. |