313 matches found
CVE-2025-4085
An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox 138 and Thunderbird 138...
CVE-2025-4085
An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox 138 and Thunderbird 138...
UBUNTU-CVE-2025-4085
An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability was fixed in Firefox 138 and Thunderbird 138...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
Linux Distros Unpatched Vulnerability : CVE-2025-1930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use- after-free in the Browser process. This could have led t...
firefox: Use-after-free in WebTransportChild
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash...
SUSE CVE-2025-1931
It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
CVE-2025-1931
It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
DEBIAN-CVE-2025-1931
It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...
firefox: Use-after-free in Animation timeline (128.3.1 ESR Chemspill)
A remote code execution vulnerability was found in Firefox and Thunderbird. The Mozilla Foundation Security Advisories state: An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines...
firefox: Use-after-free in Animation timeline (128.3.1 ESR Chemspill)
A remote code execution vulnerability was found in Firefox and Thunderbird. The Mozilla Foundation Security Advisories state: An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines...
Important: firefox
Issue Overview: A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131. CVE-2024-9392 An attacker could, via a specially crafted...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
firefox security update
An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...