Vulnerabilidades em mozilla
1.860 resultadosCVE-2020-26979—When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event andEPSS 0.7%CVE-2023-25735HIGHCross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment EPSS 0.7%CVE-2022-34482HIGHAn attacker who could have convinced a user to drag and drop an image to a filesystem could have manipulated the resulting filename to contaEPSS 0.7%CVE-2023-6135—Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to reEPSS 0.7%CVE-2023-28176HIGHMemory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume thatEPSS 0.7%CVE-2024-1546HIGHWhen storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memoEPSS 0.7%CVE-2022-42932HIGHMozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some oEPSS 0.7%CVE-2022-34485CRITICALMozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of thesEPSS 0.7%CVE-2024-0753MEDIUMIn specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR <EPSS 0.7%CVE-2024-2610MEDIUMUsing a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. TEPSS 0.7%CVE-2024-11691HIGHCertain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in EPSS 0.7%CVE-2021-29993—Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. *This bug onlyEPSS 0.7%CVE-2023-32206—An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, anEPSS 0.7%CVE-2023-29550HIGHMemory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume thatEPSS 0.7%CVE-2023-29536—An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertioEPSS 0.7%CVE-2022-45421HIGHMozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed EPSS 0.7%CVE-2023-25737HIGHAn invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affectEPSS 0.7%CVE-2022-22764HIGHMozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of EPSS 0.7%CVE-2021-29944—Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execuEPSS 0.7%CVE-2023-23605HIGHMemory safety bugs fixed in Firefox 109 and Firefox ESR 102.7EPSS 0.7%