8 matches found
EUVD-2017-16730
Malware in sbrugna...
EUVD-2019-19156
Malware in sbrugna...
EUVD-2019-3421
Malware in sbrugna...
EUVD-2023-53945
Malicious code in bioql PyPI...
CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...
Mozilla Firefox < 136.0.4
The version of Firefox installed on the remote Windows host is prior to 136.0.4. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC...
CVE-2025-2857
Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...
CVE-2025-1930 AudioIPC StreamData could trigger a use-after-free in the Browser process
On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...