21 matches found
EUVD-2017-16757
Malware in sbrugna...
EUVD-2017-16766
Malware in sbrugna...
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
...
CVE-2025-1935 Clickjacking the registerProtocolHandler info-bar
A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
Mozilla Firefox ESR < 115.21
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.21. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-15 advisory. - Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and...
DEBIAN-CVE-2024-4367
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...
CVE-2024-0743
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox 122, Firefox ESR 115.9, and Thunderbird 115.9...
Mozilla Firefox ESR < 115.6
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-54 advisory. - Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs...
CVE-2023-37201
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13...
CVE-2022-29916
Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
CVE-2022-40957
Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.This bug only affects Firefox on ARM64 platforms.. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
CVE-2022-31738
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Mozilla Firefox ESR < 91.8
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 91.8. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-14 advisory. - Mozilla developers and community members Nika Layzell, Andrew McCreight, Gabriele Svelto, and the Mozilla...
Mozilla: Content Security Policy violation report could have contained the destination of a redirect
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox 86,...
[SECURITY] [DLA 2297-1] firefox-esr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2297-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort July 29, 2020 https://wiki.debian.org/LTS -...
Mozilla: Use-after-free with select element
A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, and Firefox 64...
CVE-2017-5460
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
UBUNTU-CVE-2017-7785
A buffer overflow can occur when manipulating Accessible Rich Internet Applications ARIA attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
Mozilla Firefox ESR Multiple Vulnerabilities (Sep 2015) - Mac OS X
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox ESR Multiple Vulnerabilities -01 Apr13 (Mac OS X)
This host is installed with Mozilla Firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvuln01apr13macosx.nasl 6079 2017-05-08 09:03:33Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities -01 Apr13 Mac OS X Authors: Thanga Prakash S...