388 matches found
KLA86785 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability in the GMP process can be...
Mozilla Thunderbird < 140.2
The version of Thunderbird installed on the remote Windows host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-72 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1,...
Mozilla Firefox ESR < 140.2
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-67 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ES...
Mozilla Thunderbird < 142.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 142.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-70 advisory. - Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of...
Mozilla Thunderbird < 142.0
The version of Thunderbird installed on the remote Windows host is prior to 142.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-70 advisory. - Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory...
Mozilla -- Denial-of-service due to out-of-memory
https://bugzilla.mozilla.org/showbug.cgi?id=1975837 reports: Denial-of-service due to out-of-memory in the Graphics: WebRender component...
Mozilla -- DoS in WebRender
[email protected] reports: 'Denial-of-service due to out-of-memory in the Graphics: WebRender component.'...
Security Vulnerabilities fixed in Thunderbird 140.2 — Mozilla
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...
Security Vulnerabilities fixed in Firefox 142 — Mozilla
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...
Security Vulnerabilities fixed in Thunderbird 142 — Mozilla
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...
Security Vulnerabilities fixed in Firefox ESR 140.2 — Mozilla
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...
PT-2025-33869
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 142 Firefox ESR versions prior to 140.2 Thunderbird versions prior to 142 Thunderbird versions prior to 140.2 Description: The software is susceptible to a denial-of-service issue caused by an out-of-memory condition...
Linux Distros Unpatched Vulnerability : CVE-2020-12407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The...
CVE-2021-29968
When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 89.0.1...
Remote Code Execution (RCE)
firefox is vulnerable to Remote Code Execution RCE. This vulnerability occurs due to improper handling of memory in the WebRender component. An attacker can exploit this vulnerability to crash Firefox or execute arbitrary code...
SUSE CVE-2020-12407
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox 77...
Mozilla Firefox Security Advisory (MFSA2020-20) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
firefox security update
91.2.0-4.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.2.0-4 - Disable webrender on the s390x due to wrong colors: rhbz2009503 91.2.0-3 - Update to 91.2.0...
firefox security update
91.2.0-4.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.2.0-4 - Disable webrender on the s390x due to wrong colors: rhbz2009503 91.2.0-3 - Update to 91.2.0 build1 91.1.0-1 - Update to 91.1.0 build1 Tue Aug 17 2021 Jan Horak -...
Mozilla Firefox Out-of-Bounds Read Vulnerability (CNVD-2021-49613)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox that originates from a boundary condition when drawing text on a canvas with WebRender disabled. A remote attacker can exploit the vulnerability to...