Vulnerabilidades en mozilla

1860 resultados
CVE-2021-23968If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation reEPSS 1.2%CVE-2021-24002When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and EPSS 1.2%CVE-2021-23995When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this cEPSS 1.2%CVE-2017-5452Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTMLEPSS 1.2%CVE-2018-5142If Media Capture and Streams API permission is requested from documents with "data:" or "blob:" URLs, the permission notifications do not prEPSS 1.2%CVE-2020-26956In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerabiliEPSS 1.2%CVE-2019-9805A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential EPSS 1.2%CVE-2020-15653An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues forEPSS 1.2%CVE-2021-43534Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed eEPSS 1.2%CVE-2021-29945The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue oEPSS 1.2%CVE-2021-23960Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. ThisEPSS 1.2%CVE-2021-38493Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corEPSS 1.2%CVE-2020-15658The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file endEPSS 1.2%CVE-2021-29969If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completionEPSS 1.2%CVE-2017-7777Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.EPSS 1.2%CVE-2020-26969Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presumeEPSS 1.2%CVE-2019-11747The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site.EPSS 1.2%CVE-2023-6864Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruptionEPSS 1.2%CVE-2017-7820The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web EPSS 1.2%CVE-2017-7771Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.EPSS 1.2%