Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xrdp vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-5414
The file picker dialog can choose and display the wrong local default directory when instantiated. On some operating systems, this can lead to information disclosure, such as the operating system or the local account name. This vulnerability affects Firefox < 52 and Thunderbir...
Mozilla Firefox
Mozilla Thunderbird
7.5
CVSSv3
CVE-2017-5422
If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Fi...
Mozilla Firefox
Mozilla Thunderbird
6.5
CVSSv3
CVE-2017-5420
A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an malicious user to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability af...
Mozilla Firefox
9.8
CVSSv3
CVE-2017-5403
When adding a range to an object in the DOM, it is possible to use "addRange" to add the range to an incorrect root object. This triggers a use-after-free, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 52 and Thunderbird < 52.
Mozilla Thunderbird
Mozilla Firefox
5.3
CVSSv3
CVE-2017-5417
When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerabi...
Mozilla Firefox
5.3
CVSSv3
CVE-2017-5426
On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to ...
Mozilla Firefox
Mozilla Thunderbird
5.5
CVSSv3
CVE-2017-5427
A non-existent chrome.manifest file will attempt to be loaded during startup from the primary installation directory. If a malicious user with local access puts chrome.manifest and other referenced files in this directory, they will be loaded and activated during startup. This co...
Mozilla Firefox
5.3
CVSSv3
CVE-2021-22815
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
9.8
CVSSv3
CVE-2017-5400
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 7.0
Debian Debian Linux 8.0
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
9.8
CVSSv3
CVE-2017-5401
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.
Debian Debian Linux 9.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server 6.0
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »