Vulnerabilidades em mozilla

1.860 resultados
CVE-2020-6814Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruptEPSS 1.8%CVE-2018-5101A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crEPSS 1.8%CVE-2018-5173The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This cEPSS 1.8%CVE-2019-17015During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploEPSS 1.8%CVE-2017-5416In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. EPSS 1.8%CVE-2017-5406A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and emptEPSS 1.8%CVE-2017-7829It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's addressEPSS 1.8%CVE-2019-11759An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an atEPSS 1.8%CVE-2016-9076An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack reEPSS 1.8%CVE-2019-11743Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload evenEPSS 1.8%CVE-2016-5288Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pageEPSS 1.8%CVE-2018-5184Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and ThEPSS 1.8%CVE-2017-5374Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough efEPSS 1.8%CVE-2018-5107The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The prEPSS 1.8%CVE-2017-5391Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug wEPSS 1.8%CVE-2017-5392Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and EPSS 1.8%CVE-2017-7789If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict TranEPSS 1.8%CVE-2017-5379Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects FireEPSS 1.8%CVE-2017-5411A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage caEPSS 1.8%CVE-2017-7844A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determiEPSS 1.8%