Vulnerabilidades en mozilla

1860 resultados
CVE-2020-12396Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corEPSS 1.7%CVE-2018-5137A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this bEPSS 1.7%CVE-2018-5134WebExtensions may use "view-source:" URLs to view local "file:" URL content, as well as content stored in "about:cache", bypassing restrictiEPSS 1.7%CVE-2018-18509A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even iEPSS 1.7%CVE-2018-5165In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though thEPSS 1.7%CVE-2017-5385Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leadEPSS 1.7%CVE-2021-43536Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability affEPSS 1.7%CVE-2018-18495WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. TEPSS 1.7%CVE-2017-5388A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short periEPSS 1.7%CVE-2017-5471Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effoEPSS 1.7%CVE-2017-5377A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable craEPSS 1.7%CVE-2016-9073WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affectsEPSS 1.7%CVE-2018-5152WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such as accounts.firefox.com and listen to networEPSS 1.7%CVE-2017-7847Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.EPSS 1.6%CVE-2016-9061A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keyEPSS 1.6%CVE-2016-5299A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for FirEPSS 1.6%CVE-2018-5136A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policyEPSS 1.6%CVE-2020-15677By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to EPSS 1.6%CVE-2019-11740Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these EPSS 1.6%CVE-2019-9809If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resEPSS 1.6%