Vulnerabilidades em mozilla
1.861 resultadosCVE-2024-4768MEDIUMA bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulneEPSS 0.5%CVE-2024-11702HIGHCopying sensitive information from Private Browsing tabs on Android, such as passwords, may have inadvertently stored data in the cloud-baseEPSS 0.5%CVE-2025-2817HIGHPrivilege escalation in Thunderbird UpdaterEPSS 0.5%CVE-2023-32210—Documents were incorrectly assuming an ordering of principal objects when ensuring we were loading an appropriately privileged principal. InEPSS 0.5%CVE-2026-0889HIGHDenial-of-service in the DOM: Service Workers componentEPSS 0.5%CVE-2024-4777HIGHMemory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruptiEPSS 0.5%CVE-2020-15668—A lock was missing when accessing a data structure and importing certificate information into the trust database. This vulnerability affectsEPSS 0.5%CVE-2025-1017CRITICALMemory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7EPSS 0.5%CVE-2024-9392CRITICALA compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, EPSS 0.5%CVE-2023-37212—Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort soEPSS 0.5%CVE-2026-4685HIGHIncorrect boundary conditions in the Graphics: Canvas2D componentEPSS 0.5%CVE-2026-4699HIGHIncorrect boundary conditions in the Layout: Text and Fonts componentEPSS 0.5%CVE-2026-4693HIGHIncorrect boundary conditions in the Audio/Video: Playback componentEPSS 0.5%CVE-2026-8953CRITICALSandbox escape due to use-after-free in the Disability Access APIs componentEPSS 0.5%CVE-2024-6603HIGHMemory corruption in thread creationEPSS 0.5%CVE-2021-38497—Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to poEPSS 0.5%CVE-2026-4726HIGHDenial-of-service in the XML componentEPSS 0.5%CVE-2025-9179CRITICALSandbox escape due to invalid pointer in the Audio/Video: GMP componentEPSS 0.5%CVE-2026-4727HIGHDenial-of-service in the Libraries component in NSSEPSS 0.5%CVE-2022-3034MEDIUMWhen receiving an HTML email that specified to load an <code>iframe</code> element from a remote location, a request to the remote document EPSS 0.5%