[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-0802":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":66,"duplicate_of":9,"upstream":67,"downstream":68,"duplicates":79,"related":80,"reserved_at":9,"published_at":84,"modified_at":85,"state":86,"summary":87,"references_raw":95,"kevs":138,"epss":139,"epss_history":142,"metrics":345,"affected":350},"CVE-2015-0802","Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"CWE-264","Permissions, Privileges, and Access Controls","Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.","category","Obsolete",[],[19,39,50],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":27,"platforms":28,"requires_auth":26,"exploitdb":9,"metasploit":29},"MSF_EXPLOIT_MULTI_BROWSER_FIREFOX_PDFJS_PRIVILEGE_ESCALATION","Firefox PDF.js Privileged Javascript Injection","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/multi/browser/firefox_pdfjs_privilege_escalation.rb","poc",0,false,"remote",[],{"fullname":30,"rank":25,"rank_name":31,"post_auth":26,"check":26,"notes":32},"exploit/multi/browser/firefox_pdfjs_privilege_escalation","manual",{"Stability":33,"SideEffects":35,"Reliability":37},[34],"unknown-stability",[36],"unknown-side-effects",[38],"unknown-reliability",{"_key":40,"name":41,"source":22,"url":42,"maturity":24,"reliability_score":25,"verified":26,"type":27,"platforms":43,"requires_auth":26,"exploitdb":9,"metasploit":44},"MSF_EXPLOIT_MULTI_BROWSER_FIREFOX_PROXY_PROTOTYPE","Firefox Proxy Prototype Privileged Javascript Injection","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/multi/browser/firefox_proxy_prototype.rb",[],{"fullname":45,"rank":25,"rank_name":31,"post_auth":26,"check":26,"notes":46},"exploit/multi/browser/firefox_proxy_prototype",{"Stability":47,"SideEffects":48,"Reliability":49},[34],[36],[38],{"_key":51,"name":52,"source":53,"url":54,"maturity":55,"reliability_score":56,"verified":57,"type":27,"platforms":58,"requires_auth":9,"exploitdb":60,"metasploit":9},"37958","Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)","exploit-database","https://www.exploit-db.com/exploits/37958","weaponized",0.8,true,[59],"multiple",{"verified":57,"type":27,"platform":59,"file":61,"codes":62},"exploits/multiple/remote/37958.rb",[63,7,64,65],"CVE-2015-0816","OSVDB-120107","OSVDB-119753",[],[],[69,71,73,75,77],{"_key":70},"OPENSUSE-SU-2024:10071-1",{"_key":72},"OPENSUSE-SU-2024:14572-1",{"_key":74},"MGASA-2015-0342",{"_key":76},"UBUNTU-CVE-2015-0802",{"_key":78},"USN-2550-1",[],[81,82,83],{"_key":70},{"_key":72},{"_key":74},"2015-04-01T10:00:00.000Z","2024-08-06T04:26:11.024Z","Modified",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":88,"epss_score":89,"severity":90,"severity_score":91,"severity_version":92,"severity_source":93,"severity_vector":94,"severity_status":86},"critical",0.80386,"medium",5,"v2.0","nvd","AV:N/AC:L/Au:N/C:N/I:P/A:N",[96,102,108,114,118,124,128,133],{"url":97,"sources":98,"tags":100},"https://bugzilla.mozilla.org/show_bug.cgi?id=1124898",[99,93],"cve.org",[101],"X Refsource CONFIRM",{"url":103,"sources":104,"tags":105},"http://www.securitytracker.com/id/1031996",[99,93],[106,107],"VDB Entry","X Refsource SECTRACK",{"url":109,"sources":110,"tags":111},"https://security.gentoo.org/glsa/201512-10",[99,93],[112,113],"Vendor Advisory","X Refsource GENTOO",{"url":115,"sources":116,"tags":117},"http://www.mozilla.org/security/announce/2015/mfsa2015-42.html",[99,93],[101,112],{"url":119,"sources":120,"tags":121},"https://www.exploit-db.com/exploits/37958/",[99,93],[122,123],"Exploit","X Refsource EXPLOIT DB",{"url":125,"sources":126,"tags":127},"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",[99,93],[101],{"url":129,"sources":130,"tags":131},"http://www.ubuntu.com/usn/USN-2550-1",[99,93],[112,132],"X Refsource UBUNTU",{"url":134,"sources":135,"tags":136},"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.html",[99,93],[112,137],"X Refsource SUSE",[],{"date":140,"score":89,"percentile":141},"2026-06-05",0.99146,[143,146,149,151,154,157,159,161,163,165,167,169,171,173,175,178,181,183,186,188,191,193,195,197,199,201,203,205,208,211,213,215,217,219,221,223,225,228,231,234,236,238,241,244,247,249,251,253,255,257,259,261,263,265,268,270,273,275,277,280,282,285,288,290,292,294,296,298,300,302,304,306,308,310,312,314,316,318,320,322,324,326,328,330,332,334,336,338,340,342],{"date":144,"score":89,"percentile":145},"2025-11-04",0.99074,{"date":147,"score":89,"percentile":148},"2025-11-05",0.99073,{"date":150,"score":89,"percentile":148},"2025-11-06",{"date":152,"score":89,"percentile":153},"2025-11-07",0.99071,{"date":155,"score":89,"percentile":156},"2025-11-08",0.99072,{"date":158,"score":89,"percentile":156},"2025-11-09",{"date":160,"score":89,"percentile":148},"2025-11-10",{"date":162,"score":89,"percentile":148},"2025-11-11",{"date":164,"score":89,"percentile":145},"2025-11-12",{"date":166,"score":89,"percentile":145},"2025-11-13",{"date":168,"score":89,"percentile":148},"2025-11-14",{"date":170,"score":89,"percentile":153},"2025-11-15",{"date":172,"score":89,"percentile":153},"2025-11-16",{"date":174,"score":89,"percentile":156},"2025-11-17",{"date":176,"score":89,"percentile":177},"2025-11-18",0.99198,{"date":179,"score":89,"percentile":180},"2025-11-19",0.99199,{"date":182,"score":89,"percentile":177},"2025-11-20",{"date":184,"score":89,"percentile":185},"2025-11-21",0.99069,{"date":187,"score":89,"percentile":185},"2025-11-22",{"date":189,"score":89,"percentile":190},"2025-11-23",0.9907,{"date":192,"score":89,"percentile":153},"2025-11-24",{"date":194,"score":89,"percentile":153},"2025-11-25",{"date":196,"score":89,"percentile":156},"2025-11-26",{"date":198,"score":89,"percentile":156},"2025-11-27",{"date":200,"score":89,"percentile":156},"2025-11-28",{"date":202,"score":89,"percentile":156},"2025-11-29",{"date":204,"score":89,"percentile":153},"2025-11-30",{"date":206,"score":89,"percentile":207},"2025-12-01",0.99082,{"date":209,"score":89,"percentile":210},"2025-12-02",0.99083,{"date":212,"score":89,"percentile":210},"2025-12-03",{"date":214,"score":89,"percentile":190},"2025-12-04",{"date":216,"score":89,"percentile":153},"2025-12-05",{"date":218,"score":89,"percentile":153},"2025-12-06",{"date":220,"score":89,"percentile":156},"2025-12-07",{"date":222,"score":89,"percentile":148},"2025-12-08",{"date":224,"score":89,"percentile":145},"2025-12-09",{"date":226,"score":89,"percentile":227},"2025-12-10",0.99075,{"date":229,"score":89,"percentile":230},"2025-12-11",0.99077,{"date":232,"score":89,"percentile":233},"2025-12-12",0.99078,{"date":235,"score":89,"percentile":233},"2025-12-13",{"date":237,"score":89,"percentile":233},"2025-12-14",{"date":239,"score":89,"percentile":240},"2025-12-15",0.99079,{"date":242,"score":89,"percentile":243},"2025-12-16",0.99081,{"date":245,"score":89,"percentile":246},"2025-12-17",0.9908,{"date":248,"score":89,"percentile":240},"2025-12-18",{"date":250,"score":89,"percentile":246},"2025-12-19",{"date":252,"score":89,"percentile":246},"2025-12-20",{"date":254,"score":89,"percentile":240},"2025-12-21",{"date":256,"score":89,"percentile":243},"2025-12-22",{"date":258,"score":89,"percentile":207},"2025-12-23",{"date":260,"score":89,"percentile":207},"2025-12-24",{"date":262,"score":89,"percentile":207},"2025-12-25",{"date":264,"score":89,"percentile":207},"2025-12-26",{"date":266,"score":89,"percentile":267},"2025-12-27",0.99086,{"date":269,"score":89,"percentile":207},"2025-12-28",{"date":271,"score":89,"percentile":272},"2025-12-29",0.99084,{"date":274,"score":89,"percentile":207},"2025-12-30",{"date":276,"score":89,"percentile":272},"2025-12-31",{"date":278,"score":89,"percentile":279},"2026-01-01",0.99095,{"date":281,"score":89,"percentile":279},"2026-01-02",{"date":283,"score":89,"percentile":284},"2026-01-03",0.99096,{"date":286,"score":89,"percentile":287},"2026-01-04",0.99085,{"date":289,"score":89,"percentile":272},"2026-01-05",{"date":291,"score":89,"percentile":287},"2026-01-06",{"date":293,"score":89,"percentile":272},"2026-01-07",{"date":295,"score":89,"percentile":287},"2026-01-08",{"date":297,"score":89,"percentile":287},"2026-01-09",{"date":299,"score":89,"percentile":287},"2026-01-10",{"date":301,"score":89,"percentile":207},"2026-01-11",{"date":303,"score":89,"percentile":207},"2026-01-12",{"date":305,"score":89,"percentile":243},"2026-01-13",{"date":307,"score":89,"percentile":210},"2026-01-14",{"date":309,"score":89,"percentile":210},"2026-01-15",{"date":311,"score":89,"percentile":210},"2026-01-16",{"date":313,"score":89,"percentile":272},"2026-01-17",{"date":315,"score":89,"percentile":272},"2026-01-18",{"date":317,"score":89,"percentile":272},"2026-01-19",{"date":319,"score":89,"percentile":287},"2026-01-20",{"date":321,"score":89,"percentile":287},"2026-01-21",{"date":323,"score":89,"percentile":272},"2026-01-22",{"date":325,"score":89,"percentile":287},"2026-01-23",{"date":327,"score":89,"percentile":287},"2026-01-24",{"date":329,"score":89,"percentile":272},"2026-01-25",{"date":331,"score":89,"percentile":287},"2026-01-26",{"date":333,"score":89,"percentile":287},"2026-01-27",{"date":335,"score":89,"percentile":287},"2026-01-28",{"date":337,"score":89,"percentile":267},"2026-01-29",{"date":339,"score":89,"percentile":267},"2026-01-30",{"date":341,"score":89,"percentile":267},"2026-01-31",{"date":343,"score":89,"percentile":344},"2026-02-01",0.99098,[346],{"source":93,"cvss_v2_0":347,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":91,"baseSeverity":9,"vectorString":94,"impactScore":348,"exploitabilityScore":349},2.9,10,[351,364,371],{"ecosystem":9,"name":352,"vendor":353,"product":354,"cpe_part":355,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":356},"ubuntu linux","canonical","ubuntu_linux","o",[357,360,362],{"version":358,"is_range":26,"range_type":359,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":361,"is_range":26,"range_type":359,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":363,"is_range":26,"range_type":359,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.10",{"ecosystem":9,"name":365,"vendor":9,"product":365,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":366},"Firefox",[367],{"version":368,"is_range":57,"range_type":359,"version_start":9,"version_start_type":9,"version_end":369,"version_end_type":370,"fixed_in":9},"lte36.0.4","36.0.4","including",{"ecosystem":9,"name":372,"vendor":372,"product":372,"cpe_part":355,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":373},"opensuse",[374,376],{"version":375,"is_range":26,"range_type":359,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":377,"is_range":26,"range_type":359,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2"]