8 matches found
Mozilla Firefox < 143.0.3
The version of Firefox installed on the remote Windows host is prior to 143.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-80 advisory. - Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability affects Firefox...
PT-2025-30477
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 141 Firefox ESR versions prior to 115.26 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to...
PT-2025-22990
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 139 Firefox ESR versions prior to 115.24 Firefox ESR versions prior to 128.11 Description The issue arises from insufficient escaping of the ampersand character in the "Copy as cURL" feature. This could allow an...
PT-2025-9666
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 136 Description A user opt-in setting that requires authentication before use could be bypassed under certain circumstances. Recommendations For versions prior to 136, update to version 136 or later to resolve the iss...
PT-2025-4125 · Mozilla +10 · Thunderbird +12
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 135 Firefox ESR versions prior to 115.20 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 Description: A race during concurrent delazification could have led t...
CVE-2022-22764
Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96 and Firefox ESR 91.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...
CVE-2019-11749
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...
firefox: cross-domain information disclosure
Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which...