Vulnerabilidades en mozilla

1860 resultados
CVE-2021-23983By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memoEPSS 0.7%CVE-2019-17002If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was nEPSS 0.7%CVE-2023-5173In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a EPSS 0.7%CVE-2024-0746MEDIUMA Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR EPSS 0.7%CVE-2023-4057Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruptionEPSS 0.7%CVE-2023-32207HIGHA missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerabiEPSS 0.7%CVE-2021-29952When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort maEPSS 0.7%CVE-2022-42929MEDIUMIf a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browseEPSS 0.7%CVE-2022-45418MEDIUMIf a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting inEPSS 0.7%CVE-2024-3854HIGHIn some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affectEPSS 0.7%CVE-2022-29916MEDIUMFirefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been usEPSS 0.7%CVE-2022-46881HIGHAn optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. *Note*: TEPSS 0.7%CVE-2022-46878HIGHMozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in ThunderbirEPSS 0.7%CVE-2020-15649Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of EPSS 0.7%CVE-2022-34483HIGHAn attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contaEPSS 0.7%CVE-2021-23996By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofingEPSS 0.7%CVE-2024-8384CRITICALThe JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two paEPSS 0.7%CVE-2020-6817HIGHbleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with anEPSS 0.7%CVE-2022-1196MEDIUMAfter a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable EPSS 0.7%CVE-2025-0241HIGHMemory corruption when using JavaScript Text SegmentationEPSS 0.7%