6 matches found
CVE-2026-4725
Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...
UBUNTU-CVE-2023-37209
A use-after-free condition existed in NotifyOnHistoryReload where a LoadingSessionHistoryEntry object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox 115...
SUSE CVE-2017-5384
Proxy Auto-Config PAC files can specify a JavaScript function called for all URL requests with the full URL path which exposes more information than would be sent to the proxy itself in the case of HTTPS. Normally the Proxy Auto-Config file is specified by the user or machine owner and presumed t...
SUSE CVE-2018-5121
Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating syste...
UBUNTU-CVE-2019-11728
The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox 68...
CVE-2017-7822
The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects Firefox 56...