18 matches found
Astra Linux – Vulnerability in Thunderbird, Firefox
Module load requests that failed were not checked to determine whether they had been cancelled, resulting in a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Astra Linux – Vulnerability in Thunderbird, Firefox
When encoding data from an inputStream in xpcom, the size of the input being encoded was not correctly calculated, potentially leading to an out-of-bounds memory write. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.
...
Linux Distros Unpatched Vulnerability : CVE-2023-25745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha...
CVE-2023-25733
The return value from gfx::SourceSurfaceSkia::Map wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox 110...
CVE-2023-25736
An invalid downcast from nsHTMLDocument to nsIContent could have lead to undefined behavior. This vulnerability affects Firefox 110...
CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...
CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
CVE-2023-25743
A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.This bug only affects Firefox Focus. Other versions of Firefox are unaffected.. This vulnerability affects Firefox 110 and Firefox ESR 102.8...
CVE-2023-25745
Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 110...
DEBIAN-CVE-2023-25730
A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
SUSE CVE-2023-25741
When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox 110...
SUSE CVE-2023-25737
An invalid downcast from nsTextNode to SVGElement could have lead to undefined behavior. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
SUSE CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
SUSE CVE-2023-25744
Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 110 and Firefox ESR 102.8...
UBUNTU-CVE-2023-25736
An invalid downcast from nsHTMLDocument to nsIContent could have lead to undefined behavior. This vulnerability affects Firefox 110...
UBUNTU-CVE-2023-25739
Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...
UBUNTU-CVE-2023-25733
The return value from gfx::SourceSurfaceSkia::Map wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox 110...