CVE-2023-37208

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-434
View all →

Vulnerability Description

When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

Related Vulnerabilities

CVE-2010-4661

HIGH
CVSS:7.8(High)

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

CWE-4342010

CVE-2015-0796

HIGH
CVSS:7.8(High)

In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow bui...

CWE-4342015

CVE-2015-1000013

HIGH
CVSS:7.8(High)

Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v1.1

CWE-4342015

CVE-2015-7571

HIGH
CVSS:7.8(High)

Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

CWE-4342015

CVE-2017-13156

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability in the Android system (art). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847.

CWE-4342017

CVE-2017-2699

HIGH
CVSS:7.8(High)

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could ...

CWE-4342017