Opensuse Project: Security Vulnerabilities
Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site.
CVSS Score
4.3
EPSS Score
0.012
Published
2014-02-06
Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.
CVSS Score
5.0
EPSS Score
0.006
Published
2014-02-06
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
CVSS Score
5.8
EPSS Score
0.009
Published
2013-12-11
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters.
CVSS Score
4.3
EPSS Score
0.019
Published
2012-07-18
Page 6