Vulnerabilidades en mozilla

1863 resultados
CVE-2022-45413MEDIUMUsing the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookEPSS 0.4%CVE-2026-4708HIGHIncorrect boundary conditions in the Graphics componentEPSS 0.4%CVE-2025-1934MEDIUMUnexpected GC during RegExp bailout processingEPSS 0.4%CVE-2026-4713HIGHIncorrect boundary conditions in the Graphics componentEPSS 0.4%CVE-2026-4719HIGHIncorrect boundary conditions in the Graphics: Text componentEPSS 0.4%CVE-2026-4714HIGHIncorrect boundary conditions in the Audio/Video componentEPSS 0.4%CVE-2025-1010CRITICALUse-after-free in Custom HighlightEPSS 0.4%CVE-2021-4126MEDIUMWhen receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer addedEPSS 0.4%CVE-2025-8031CRITICALIncorrect URL stripping in CSP reportsEPSS 0.4%CVE-2026-2784CRITICALMitigation bypass in the DOM: Security componentEPSS 0.4%CVE-2023-37205The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox < 115.EPSS 0.4%CVE-2026-4715CRITICALUninitialized memory in the Graphics: Canvas2D componentEPSS 0.4%CVE-2023-37204A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational functEPSS 0.4%CVE-2023-5758MEDIUMWhen opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site ScripEPSS 0.4%CVE-2026-6758HIGHUse-after-free in the JavaScript: WebAssembly componentEPSS 0.4%CVE-2026-8975HIGHMemory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151EPSS 0.4%CVE-2022-31743MEDIUMFirefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been uEPSS 0.4%CVE-2022-29913MEDIUMThe parent process would not properly check whether the Speech Synthesis feature is enabled, when receiving instructions from a child procesEPSS 0.4%CVE-2021-23993An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpeEPSS 0.4%CVE-2024-0754MEDIUMSome WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.EPSS 0.4%