155 matches found
firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...
Astra Linux – Vulnerability in Firefox
DoS attack in the XML component. This vulnerability has been fixed in Firefox 149 and Thunderbird 149...
Astra Linux – Vulnerability in Firefox, Thunderbird
Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: Same-origin policy bypass in the Networking: HTTP component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
CVE-2026-8962
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...
CVE-2026-8947
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...
CVE-2026-8958
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...
CVE-2026-8956
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...
CVE-2026-8955
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...
CVE-2026-8954
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...
Astra Linux – Vulnerability in Firefox
When Firefox is configured to block the storage of all cookies, it is still possible to store data in localstorage by using an iframe with a source of ‘about:blank’. This could allow malicious websites to store tracking data without permission. This vulnerability affects Firefox versions earlier...
Astra Linux – Vulnerability in Firefox and Thunderbird
By misusing a race in our notification code, an attacker could have forcibly hide notifications for pages that had received full-screen and pointer-lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...
Astra Linux – Vulnerability in Firefox
Insufficient validation in the Drag and Drop API, combined with social engineering, may have allowed an attacker to trick end-users into creating shortcuts to local system files. This could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 115...
Astra Linux – Vulnerability in Firefox
The return value from gfx::SourceSurfaceSkia::Map wasn’t verified, which could potentially lead to a null pointer dereferencing. This vulnerability affects Firefox versions less than 110...
Astra Linux – Vulnerability in Firefox
An attacker was able to perform out-of-bounds read or write operations on a JavaScript object by exploiting a bug related to range-based bounds checks. This vulnerability affects Firefox versions prior to 124.0.1...
Astra Linux – Vulnerability in Firefox
Context-specific code was included in a shared jump table, resulting in assertions being triggered in multithreaded Wasm code. This vulnerability affects Firefox versions earlier than 86...
Astra Linux – Vulnerability in Firefox
If an attacker were able to alter specific about:config values for example, malware running on the user’s computer, the Devtools remote debugging feature might be enabled in a way that is unnoticed by the user. This would allow a remote attacker who can establish a direct network connection to th...