Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
leap vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-11720
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
5.8
CVSSv2
CVE-2019-11724
Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks. This vulnerability affects...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2020-14039
In Go prior to 1.13.13 and 1.14.x prior to 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.
Golang Go
Opensuse Leap 15.1
Opensuse Leap 15.2
4.4
CVSSv2
CVE-2020-14308
In grub2 versions prior to 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and...
Gnu Grub2
Opensuse Leap 15.1
Opensuse Leap 15.2
4.6
CVSSv2
CVE-2020-14309
There's an issue with grub2 in all versions prior to 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buff...
Gnu Grub2
Opensuse Leap 15.1
Opensuse Leap 15.2
5
CVSSv2
CVE-2019-11718
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, ...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
4.3
CVSSv2
CVE-2019-11721
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2019-11723
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Contai...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
4
CVSSv2
CVE-2019-11725
When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing p...
Mozilla Firefox
Opensuse Leap 15.0
Opensuse Leap 15.1
6.8
CVSSv2
CVE-2019-5816
Process lifetime issue in Chrome in Google Chrome on Android before 74.0.3729.108 allowed a remote malicious user to potentially persist an exploited process via a crafted HTML page.
Google Chrome
Opensuse Leap 42.3
Opensuse Leap 15.0
Fedoraproject Fedora 29
Opensuse Backports Sle-15
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »