Vulnerabilidades en mozilla

1860 resultados
CVE-2020-15659Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed eEPSS 2.4%CVE-2016-9905A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < EPSS 2.4%CVE-2018-12373dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerabiliEPSS 2.4%CVE-2018-5130When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triEPSS 2.4%CVE-2018-5117If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spEPSS 2.4%CVE-2018-5168Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. TEPSS 2.4%CVE-2017-7787Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content onEPSS 2.4%CVE-2017-5419If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdEPSS 2.4%CVE-2022-26486CRITICALAn unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attaEPSS 2.3%KEVCVE-2019-11709Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed eEPSS 2.3%CVE-2018-12389Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memoEPSS 2.3%CVE-2017-7793A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting inEPSS 2.3%CVE-2017-7788When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's EPSS 2.3%CVE-2018-5131Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" EPSS 2.3%CVE-2020-12419When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-freEPSS 2.3%CVE-2018-5180A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability iEPSS 2.3%CVE-2018-12401Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This EPSS 2.3%CVE-2016-5285A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssEPSS 2.3%CVE-2017-7811Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effoEPSS 2.3%CVE-2017-5399Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effoEPSS 2.3%