Vulnerabilidades em mozilla

1.860 resultados
CVE-2023-6208When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage notEPSS 0.8%CVE-2022-46872HIGHAn attacker who compromised a content process could have partially escaped the sandbox to read arbitrary files via clipboard-related IPC mesEPSS 0.8%CVE-2016-9077Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. The rendering by the filter is variable depending on EPSS 0.8%CVE-2022-3033HIGHIf a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>htEPSS 0.8%CVE-2025-3028MEDIUMUse-after-free triggered by XSLTProcessorEPSS 0.8%CVE-2023-25741MEDIUMWhen dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused EPSS 0.8%CVE-2024-11697HIGHWhen handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialogEPSS 0.8%CVE-2013-4227Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x bEPSS 0.8%CVE-2023-32209A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.EPSS 0.8%CVE-2021-29961When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over tEPSS 0.8%CVE-2022-22760MEDIUMWhen importing resources using Web Workers, error messages would distinguish the difference between <code>application/javascript</code> respEPSS 0.8%CVE-2024-3302LOWThere was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of MemoryEPSS 0.8%CVE-2026-2796CRITICALJIT miscompilation in the JavaScript: WebAssembly componentEPSS 0.8%CVE-2023-4582HIGHBuffer Overflow in WebGL glGetProgramivEPSS 0.8%CVE-2023-32213When reading a file, an uninitialized value could have been used as read limit. This vulnerability affects Firefox < 113, Firefox ESR < 102.EPSS 0.8%CVE-2021-23974The DOMParser API did not properly process '<noscript>' elements for escaping. This could be used as an mXSS vector to bypass an HTML SanitiEPSS 0.8%CVE-2023-32215Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the MozillaEPSS 0.8%CVE-2022-28285MEDIUMWhen generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vEPSS 0.8%CVE-2022-22737HIGHConstructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-aftEPSS 0.8%CVE-2020-6804HIGHXSS in Mozilla WebThings GatewayEPSS 0.7%