Vulnerabilidades em Mozilla
1.860 resultadosCVE-2020-6800—Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed eEPSS 2.3%CVE-2017-5399—Memory safety bugs were reported in Firefox 51. Some of these bugs showed evidence of memory corruption and we presume that with enough effoEPSS 2.3%CVE-2018-12396—A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for poEPSS 2.3%CVE-2017-5386—WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential dEPSS 2.3%CVE-2020-12395—Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed eEPSS 2.3%CVE-2016-9080—Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough EPSS 2.3%CVE-2019-9788—Mozilla developers and community members reported memory safety bugs present in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5. Some of EPSS 2.2%CVE-2019-11719—When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the NetwEPSS 2.2%CVE-2018-5186—Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort thaEPSS 2.2%CVE-2018-18506—When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this EPSS 2.2%CVE-2019-11752—It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and aEPSS 2.2%CVE-2016-9075—An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions lEPSS 2.2%CVE-2024-0741MEDIUMAn out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerabilEPSS 2.2%CVE-2018-18502—Mozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corEPSS 2.2%CVE-2019-11713—A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially explEPSS 2.1%CVE-2017-7807—A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been EPSS 2.1%CVE-2019-11717—A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allEPSS 2.1%CVE-2018-5163—If a malicious attacker has used another vulnerability to gain full control over a content process, they may be able to replace the alternatEPSS 2.1%CVE-2017-7798—The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worsEPSS 2.1%CVE-2018-12391—During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. BecausEPSS 2.1%