Vulnerabilidades en mozilla

1860 resultados
CVE-2019-17022When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer does not escape &lt; and &gt; characters. BecEPSS 2.0%CVE-2016-9896Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability aEPSS 2.0%CVE-2018-12367In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure preEPSS 2.0%CVE-2018-5162Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52EPSS 2.0%CVE-2019-17012Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corrEPSS 2.0%CVE-2017-7821A vulnerability where WebExtensions can download and attempt to open a file of some non-executable file types. This can be triggered withoutEPSS 2.0%CVE-2020-15673Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. Some of these bugs showed evidence of memory corrEPSS 2.0%CVE-2018-18508In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulEPSS 2.0%CVE-2017-5421A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what siteEPSS 1.9%CVE-2017-7762When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used forEPSS 1.9%CVE-2020-12422In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out oEPSS 1.9%CVE-2016-9070A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScripEPSS 1.9%CVE-2017-7780Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effoEPSS 1.9%CVE-2020-6825Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR EPSS 1.9%CVE-2016-9067Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.EPSS 1.9%CVE-2016-9071Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a uEPSS 1.9%CVE-2017-5413A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52.EPSS 1.9%CVE-2019-17005The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the EPSS 1.9%CVE-2020-26971Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulneraEPSS 1.9%CVE-2016-9078Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can EPSS 1.9%