8 matches found
CVE-2025-11719
Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...
EUVD-2007-0892
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-18495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an...
The vulnerability in the implementation of Mozilla Firefox browser extensions allows a perpetrator to circumvent established security restrictions.
The vulnerability of Mozilla Firefox browser extensions is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions by bypassing the permission request window during the installation of extensions...
The vulnerability in the loading of Mozilla Firefox browser extensions allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of Mozilla Firefox browser extensions relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information by loading a specially created script...
A week in security (January 15 – January 21)
Last week on Labs, we gave you some background information about cookies, specifically which ones to worry about and why. We also warned you about scams surrounding the Mega Millions winner, who promised to donate his money to good causes. We analyzed a cryptocurrency miner using a very old...
OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release
OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release The third beta of OWASP Mantra Security Toolkit has been released. One of the main features of this version is the multi-language support. Mantra now supports Hindi and Spanish, in addition to English. If you can give us a helping hand by...
DEBIAN-CVE-2006-6585
The Extensions manager in Mozilla Firefox 2.0 does not properly populate the list of local extensions, which allows attackers to construct an extension that hides itself by finding its name in the list and then calling RemoveElement, as demonstrated by the FFsniFF extension. NOTE: it was later...