36 matches found
Astra Linux - уязвимость в firefox
In canvas rendering, a compromised content process could cause a surface to change unexpectedly, leading to a memory leak in a privileged process. This memory leak could be exploited to perform a sandbox escape if the correct data was leaked. This vulnerability affects Firefox versions earlier th...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox 140.9.0 ESR MFSA 2026-22, bsc1260083: CVE-2026-4684: Race condition, use-after-free in the Graphics: WebRender component CVE-2026-4685: Incorrect boundary conditions in the Graphics: Canvas2D component CVE-2026-4686:...
EUVD-2018-4333
Malware in sbrugna...
RHEL 8 : firefox (RHSA-2025:15418)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:15418 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Information Disclosure
firefox is vulnerable to Information Disclosure. This vulnerability allows an attacker to cause a memory leak in a privileged process by exploiting a bug in the way Firefox handles canvas rendering...
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6404-1)
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6404-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially explo...
SUSE CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
UBUNTU-CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
Fedora 38 : firefox (2023-587dc80bb1)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-587dc80bb1 advisory. - Updated to latest upstream 118.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5170
In Firefox, CVE-2023-5170 covers a memory leak in the canvas rendering path where a compromised content process could cause a surface to change unexpectedly, leaking privileged-process memory and potentially enabling a sandbox escape. Affected software: Mozilla Firefox versions prior to 118. Root...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
CVE-2023-5170
In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox 118...
Design/Logic Flaw
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using contextIsolation and contextBridge are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach...
CVE-2023-29198 Context isolation bypass via nested unserializable return value in Electron
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using contextIsolation and contextBridge are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach...
SUSE CVE-2015-4497
Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets CSS toke...