153 matches found
Astra Linux – Vulnerability in Firefox
An attacker was able to perform out-of-bounds read or write operations on a JavaScript object by exploiting a bug related to range-based bounds checks. This vulnerability affects Firefox versions prior to 124.0.1...
Astra Linux – Vulnerability in Firefox
Firefox’s HTML parser did not correctly interpret HTML comment tags, leading to inconsistencies with other browsers. This vulnerability could have been exploited to embed user-controlled data within HTML comments on pages. This issue affects Firefox versions prior to 101...
Astra Linux – Vulnerability in Firefox
Insufficient validation in the Drag and Drop API, combined with social engineering, may have allowed an attacker to trick end-users into creating shortcuts to local system files. This could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 115...
Astra Linux – Vulnerability in Firefox
The return value from gfx::SourceSurfaceSkia::Map wasn’t verified, which could potentially lead to a null pointer dereferencing. This vulnerability affects Firefox versions less than 110...
Astra Linux – Vulnerability in Firefox
If an attacker were able to alter specific about:config values for example, malware running on the user’s computer, the Devtools remote debugging feature might be enabled in a way that is unnoticed by the user. This would allow a remote attacker who can establish a direct network connection to th...
Astra Linux – Vulnerability in Firefox
The NSCDeriveKey function inadvertently assumed that the phKey parameter was always non-NULL. When the parameter was passed as NULL, a segmentation fault occurred, resulting in crashes. This behavior conflicts with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanism...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...
firefox: Same-origin policy bypass in the Networking: HTTP component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
CVE-2026-8962
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...
CVE-2026-8947
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...
CVE-2026-8958
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...
CVE-2026-8956
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...
CVE-2026-8955
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...
CVE-2026-8954
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...
Astra Linux - уязвимость в firefox
Context-specific code was included in a shared jump table, resulting in assertions being triggered in multithreaded Wasm code. This vulnerability affects Firefox versions earlier than 86...
Astra Linux - уязвимость в firefox
When Firefox is configured to block the storage of all cookies, it is still possible to store data in localstorage by using an iframe with a source of ‘about:blank’. This could allow malicious websites to store tracking data without permission. This vulnerability affects Firefox versions earlier...
Astra Linux - уязвимость в firefox, thunderbird
Firefox did not properly handle downloads of files ending with .desktop, which can be interpreted to execute commands controlled by the attacker. This bug only affects Firefox for Linux on certain distributions. Other operating systems are unaffected, and Mozilla is unable to list all affected...
Astra Linux - уязвимость в firefox
By using iterative requests, an attacker was able to determine the size of an opaque response, as well as the contents of a Vary header provided by the server. This vulnerability affects Firefox versions earlier than 119...