Vulnerabilidades em mozilla

1.863 resultados
CVE-2021-4221MEDIUMIf a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confuEPSS 0.4%CVE-2025-13016HIGHIncorrect boundary conditions in the JavaScript: WebAssembly componentEPSS 0.4%CVE-2026-4710CRITICALIncorrect boundary conditions in the Audio/Video componentEPSS 0.4%CVE-2024-7531MEDIUMCalling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy BridgeEPSS 0.4%CVE-2022-45417MEDIUMService Workers did not detect Private Browsing Mode correctly in all cases, which could have led to Service Workers being written to disk fEPSS 0.4%CVE-2022-2226MEDIUMAn OpenPGP digital signature includes information about the date when the signature was created. When displaying an email that contains a diEPSS 0.4%CVE-2026-4716CRITICALIncorrect boundary conditions, uninitialized memory in the JavaScript Engine componentEPSS 0.4%CVE-2026-12327HIGHMemory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152EPSS 0.4%CVE-2017-7760The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the oEPSS 0.4%CVE-2022-34474MEDIUMEven when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if it received a redirect header to an externalEPSS 0.4%CVE-2026-0882HIGHUse-after-free in the IPC componentEPSS 0.4%CVE-2025-1943HIGHMemory safety bugs fixed in Firefox 136 and Thunderbird 136EPSS 0.4%CVE-2026-2805CRITICALInvalid pointer in the DOM: Core & HTML componentEPSS 0.4%CVE-2026-0892CRITICALMemory safety bugs fixed in Firefox 147 and Thunderbird 147EPSS 0.4%CVE-2025-4093HIGHMemory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10EPSS 0.4%CVE-2026-6749HIGHInformation disclosure due to uninitialized memory in the Graphics: Canvas2D componentEPSS 0.4%CVE-2026-2787HIGHUse-after-free in the DOM: Window and Location componentEPSS 0.4%CVE-2026-2791CRITICALMitigation bypass in the Networking: Cache componentEPSS 0.4%CVE-2017-5387The existence of a specifically requested local file can be found due to the double firing of the "onerror" when the "source" attribute on aEPSS 0.4%CVE-2024-9393HIGHAn attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This coulEPSS 0.4%