4 matches found
SUSE CVE-2019-9821
A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox 67...
Mozilla: Type confusion in Array.pop
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR 60.7.1, Firefox 67.0.3, and Thunderbird 60.7.2...
Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2019-15665)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 67, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit thi...
UBUNTU-CVE-2019-11701
The default webcal: protocol handler will load a web site vulnerable to cross-site scripting XSS attacks. This default was left in place as a legacy feature and has now been removed. Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.. This...