Lucene search
K

20 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox

A malicious website can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been exploited in a spoofing attack. This vulnerability affects Firefox versions earlier than 119...

4.3CVSS6.1AI score0.00586EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Firefox

An attacker was able to perform out-of-bounds read or write operations on a JavaScript object by exploiting a bug related to range-based bounds checks. This vulnerability affects Firefox versions prior to 124.0.1...

9.8CVSS6.9AI score0.22935EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/03/24 12:30 p.m.23 views

CVE-2026-4704 Denial-of-service in the WebRTC: Signaling component

Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

0.00414EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.3 views

Mozilla Firefox < 16.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 16.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2012-75 advisory. - Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away...

6.8CVSS8.3AI score0.02246EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/12/10 1:32 p.m.7 views

firefox: thunderbird: Same-origin policy bypass in the Request Handling component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...

6.5CVSS5.7AI score0.00156EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/13 12:37 p.m.5 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

8.1CVSS5.7AI score0.00222EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/09/16 12:26 p.m.5 views

CVE-2025-10531

Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability was fixed in Firefox 143 and Thunderbird 143...

5.4CVSS5.6AI score0.00255EPSS
Exploits0
OSV
OSV
added 2025/02/04 2:15 p.m.3 views

UBUNTU-CVE-2025-1018

The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135...

7.3CVSS6.5AI score0.00401EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/03/15 3:33 a.m.2 views

SUSE CVE-2023-28160

When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox 111...

6.5CVSS8.4AI score0.00508EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2004-1380

Firefox before 1.0 and Mozilla before 1.7.5 allows inactive background tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."...

5CVSS6.8AI score0.03682EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2009-0358

Mozilla Firefox 3.x before 3.0.6 does not properly implement the 1 no-store and 2 no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the a back button or b history list of the victim's browser, as demonstrated by reading the response page of an...

3.3CVSS8.3AI score0.00521EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.2 views

SUSE CVE-2013-5594

Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding...

4.3CVSS6.6AI score0.00683EPSS
Exploits0References3
OSV
OSV
added 2022/12/22 8:15 p.m.4 views

CVE-2022-34480

Within the lginit function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox 102...

8.8CVSS7.4AI score0.00542EPSS
Exploits0References2
OSV
OSV
added 2020/06/02 12:0 a.m.2 views

UBUNTU-CVE-2020-12408

When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. This vulnerability affects Firefox 77...

6.5CVSS7.3AI score0.0083EPSS
Exploits0References4
OSV
OSV
added 2019/02/28 6:29 p.m.1 views

CVE-2018-12401

Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service DOS attacks. This vulnerability affects Firefox 63...

7.5CVSS7.3AI score0.02287EPSS
Exploits0References5
OSV
OSV
added 2018/06/11 9:29 p.m.4 views

CVE-2017-5388

A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox 51...

7.5CVSS7AI score0.01662EPSS
Exploits0References4
OSV
OSV
added 2017/01/25 12:0 a.m.4 views

UBUNTU-CVE-2017-5393

The "mozAddonManager" allows for the installation of extensions from the CDN for addons.mozilla.org, a publicly accessible site. This could allow malicious extensions to install additional extensions from the CDN in combination with an XSS attack on Mozilla AMO sites. This vulnerability affects...

6.1CVSS6.9AI score0.00896EPSS
Exploits0References4
OSV
OSV
added 2016/10/25 12:0 a.m.3 views

UBUNTU-CVE-2016-5288

Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox 49.0.2...

5.9CVSS6.9AI score0.01798EPSS
Exploits0References3
OSV
OSV
added 2015/01/14 12:0 a.m.4 views

UBUNTU-CVE-2014-8635

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

7.5CVSS7.2AI score0.04109EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/04/02 7:56 p.m.4 views

Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31)

Integer signedness error in the pixmanfillsse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows...

6.8CVSS7.8AI score0.03941EPSS
Exploits0References5
Rows per page
Query Builder