Every CVE whose affected-product data names Arora-browser Arora, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2010-1100 — CVSS 5.0 (medium): Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number…
CVE-2011-3367 — CVSS 5.0 (medium): Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows…