37 matches found
Astra Linux – Vulnerability in Firefox and Thunderbird
When Responsive Design Mode was enabled, it used references to objects that had previously been freed. We assume that with sufficient effort, this could have been exploited to execute arbitrary code. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
Mozilla多款产品 安全漏洞
Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...
CVE-2026-4716
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4693
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4705
Undefined behavior in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4691
Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-2786
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
CVE-2026-0880
CVE-2026-0880 is a sandbox-escape vulnerability: sandbox escape due to an integer overflow in the Graphics component. Affected products include Firefox (<147), Firefox ESR (<115.32 and <140.7), Thunderbird (<147 and
CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
firefox: thunderbird: Same-origin policy bypass in the Request Handling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...
CVE-2025-14329
Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...
firefox: thunderbird: Use-after-free in the Audio/Video component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Audio/Video component...
UBUNTU-CVE-2025-13019
Same-origin policy bypass in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
CVE-2025-10529
Same-origin policy bypass in the Layout component. This vulnerability affects Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...
CVE-2025-10536 Information disclosure in the Networking: Cache component
Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...
Linux Distros Unpatched Vulnerability : CVE-2023-23603
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data...
UBUNTU-CVE-2024-5696
By manipulating the text in an input tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...
UBUNTU-CVE-2023-6208
When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. This bug only affects Firefox on X11. Other systems are unaffected. This vulnerability affects Firefox 120, Firefox ESR 115.5.0, and...
DEBIAN-CVE-2023-32207
A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox 113, Firefox ESR 102.11, and Thunderbird 102.11...