12 matches found
CVE-2026-8975
Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox...
CVE-2026-8975
CVE-2026-8975 covers memory-safety bugs in Thunderbird 140.10 and Thunderbird 150, with evidence that some flaws could be exploited to run arbitrary code. The fixed versions are Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. Affected products documen...
CVE-2026-8966
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8964
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8390 Use-after-free in the JavaScript: WebAssembly component
Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3...
CVE-2026-6749 Information disclosure due to uninitialized memory in the Graphics: Canvas2D component
Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...
Mozilla Thunderbird < 150.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 150.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-33 advisory. - Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerabili...
CVE-2025-10535
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143...
CVE-2025-8028
On arm64, a WASM brtable instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1,...
CVE-2025-6435
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...
SUSE: Security Advisory (SUSE-SU-2022:1920-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5092: Use-after-free in Web Workers CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory...