131 matches found
CVE-2025-13017
Mode C: CVE-2025-13017 is a same-origin policy bypass in the DOM: Notifications component, affecting Firefox before 145 (and ESR before 140.5) and Thunderbird before 145 (and ESR before 140.5). Connected advisories confirm this CVE alongside other Firefox DOM/JSWA issues and list concrete mitigat...
CVE-2025-13017
Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component
Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
CVE-2025-13017
Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
Mozilla Firefox和Mozilla Firefox ESR 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security bypass vulnerability exists in Mozilla Firefox and Firefox ESR due to a same-origin policy bypass in the DOM:Notifications component. An attacker can exploit this...
Mozilla Firefox ESR < 140.5
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-88 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145 and Firefox...
Linux Distros Unpatched Vulnerability : CVE-2025-13017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird...
PT-2025-46357
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 145 Firefox ESR versions prior to 140.5 Description A same-origin policy bypass exists within the DOM Notifications component. This allows for potential unauthorized access or manipulation of data due to insufficient...
Mozilla Firefox ESR < 140.5
The version of Firefox ESR installed on the remote Windows host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-88 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145 and Firefox ESR 140.5...
firefox -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=1995686 reports: Use-after-free in the WebRTC: Audio/Video component. Same-origin policy bypass in the DOM: Workers component. Mitigation bypass in the DOM: Security component. Same-origin policy bypass in the DOM: Notifications component. Incorrect...
PT-2025-49850
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 115.31 Firefox ESR versions prior to 140.6 Description A privilege escalation issue exists in the DOM Notifications component. This allows for potential unauthorized access or control...