Vulnerabilidades em mozilla
1.860 resultadosCVE-2020-15678—When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. This EPSS 1.9%CVE-2019-17008—When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vuEPSS 1.9%CVE-2018-12403—If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. ThiEPSS 1.9%CVE-2025-2857CRITICALIncorrect handle could lead to sandbox escapesEPSS 1.9%CVE-2018-5174—In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files andEPSS 1.9%CVE-2019-17021—During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses fromEPSS 1.9%CVE-2016-9065—The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake EPSS 1.9%CVE-2017-5450—A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorreEPSS 1.9%CVE-2020-12420—When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and EPSS 1.9%CVE-2021-29951—The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access EPSS 1.9%CVE-2020-12421—When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by EPSS 1.8%CVE-2018-12381—Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are EPSS 1.8%CVE-2018-5128—A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in EPSS 1.8%CVE-2018-5092—A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the maiEPSS 1.8%CVE-2016-9895—Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vuEPSS 1.8%CVE-2019-9790—A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then EPSS 1.8%CVE-2017-7791—On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following paEPSS 1.8%CVE-2018-12375—Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort thaEPSS 1.8%CVE-2019-9804—In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause theEPSS 1.8%CVE-2019-9815—If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.EPSS 1.8%