1013 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
Bypass of mitigation mechanisms in the Networking: Cache component. This vulnerability has been fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox and Thunderbird
If an attacker could find a way to trigger a specific code path in SafeRefPtr, it could cause a crash or potentially be used to execute malicious code. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...
Astra Linux – Vulnerability in Firefox, Thunderbird
Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 99 and Firefox ESR 91.8. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been...
Astra Linux – Vulnerability in Firefox, Thunderbird
A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...
Astra Linux – Vulnerability in Firefox and Thunderbird
Mozilla developers reported memory safety bugs in Firefox 92 and Firefox ESR 91.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...
Astra Linux – Vulnerability in Firefox and Thunderbird
When receiving rendering data via IPC mStream, it might have been destroyed during initialization, which could lead to a use-after-free condition and potentially cause a crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
Astra Linux – Vulnerability in Firefox and Thunderbird
Drivers are not always robust against extremely large draw calls, and in some cases, this scenario could lead to crashes. This vulnerability affects Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1...
CVE-2026-12313
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...
CVE-2026-12290
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...
Astra Linux – Vulnerability in Firefox and Thunderbird
In some cases, video frames may have been leaked between their origins. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...
Astra Linux – Vulnerability in Firefox and Thunderbird
The truncation of a long URL could have allowed for origin spoofing in a permission prompt. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
Astra Linux – Vulnerability in Firefox and Thunderbird
A double-free issue could occur in secpkcs7decoderstartdecrypt, when handling an error path. Under certain conditions, the same symmetric key might be freed twice, potentially leading to memory corruption. This vulnerability affects Firefox 133, Thunderbird 133, Firefox ESR 128.7, and Thunderbird...
Astra Linux – Vulnerability in Firefox and Thunderbird
An attacker could have placed a datalist element to obscure the address bar. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...
Astra Linux – Vulnerability in Firefox
JIT compilation errors in the JavaScript Engine: JIT component. This vulnerability has been fixed in Firefox 145 and Thunderbird 145...
Astra Linux – Vulnerability in Firefox and Thunderbird
The Enhanced Tracking Protection’s Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XSS attacks through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames disguised as legitimate content. This...
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...
SUSE CVE-2025-5264
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...
SUSE CVE-2026-8947
Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8958
Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...
CVE-2026-8975
Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox...