Vulnerabilidades en mozilla

1860 resultados
CVE-2017-7779Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruptEPSS 2.7%CVE-2018-5160WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the EPSS 2.7%CVE-2020-12417Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a poEPSS 2.7%CVE-2017-5442A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. ThisEPSS 2.7%CVE-2017-7801A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style obEPSS 2.7%CVE-2017-7749A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable craEPSS 2.7%CVE-2017-7757A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. ThiEPSS 2.7%CVE-2017-7756A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a poteEPSS 2.7%CVE-2017-5472A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node iEPSS 2.7%CVE-2017-5462A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bitsEPSS 2.6%CVE-2017-5405Certain response codes in FTP connections can result in the use of uninitialized values for ports in FTP operations. This vulnerability affeEPSS 2.6%CVE-2017-5408Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading tEPSS 2.6%CVE-2017-5449A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulEPSS 2.6%CVE-2020-15683Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed eEPSS 2.6%CVE-2018-5115If an HTTP authentication prompt is triggered by a background network request from a page or extension, it is displayed over the currently lEPSS 2.6%CVE-2019-9811As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a brEPSS 2.6%CVE-2017-5464During DOM manipulations of the accessibility tree through script, the DOM tree can become out of sync with the accessibility tree, leading EPSS 2.6%CVE-2017-5470Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume EPSS 2.6%CVE-2016-9893Memory safety bugs were reported in Thunderbird 45.5. Some of these bugs showed evidence of memory corruption and we presume that with enougEPSS 2.6%CVE-2022-28281HIGHIf a compromised content process sent an unexpected number of WebAuthN Extensions in a Register command to the parent process, an out of bouEPSS 2.6%