15 matches found
firefox: Incorrect boundary conditions, integer overflow in the Audio/Video component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Audio/Video component...
firefox: Mitigation bypass in the DOM: Security component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...
thunderbird: Spoofing issue in Thunderbird
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in Thunderbird...
firefox: thunderbird: Privilege escalation in the Netmonitor component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...
firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics component...
firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software...
CVE-2025-1939
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could be used to trick a user into granting sensitive permissions by hiding what...
firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser
The Mozilla Foundation's Security Advisory: Repeated writes to history interface attributes could be used to cause a Denial of Service condition in the browser. This issue was addressed by introducing rate-limiting to this API...
firefox: thunderbird: Origin of permission prompt could be spoofed by long URL
A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Truncation of a long URL could have allowed origin spoofing in a permission prompt...
Mozilla: Memory corruption in NSS
The Mozilla Foundation Security Advisory describes this flaw as: A mismatch between allocator and deallocator could have lead to memory corruption...
Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Gabriele Svelto, Andrew McCreight, the Mozilla Fuzzing Team, Sean Feng, and Sebastian Hengst reported memory safety bugs present in Firefox 113 and Firefox ESR 102.11. Some of these bugs show...
Mozilla: Denial of Service via window.print
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a website called window.print causing a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings...
Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of Mozilla developer Nika Layzell and the Mozilla Fuzzing Team, reporting memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption, and we...
Mozilla: Reader mode bypassed SameSite cookies
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of requests initiated through the reader mode did not properly omit cookies with a SameSite attribute...
Mozilla: Heap-buffer-overflow in blendGaussianBlur
The Mozilla Foundation Security Advisory describes this flaw as: Applying a CSS filter effect could have accessed out-of-bounds memory. This could have led to a heap-buffer-overflow, causing a potentially exploitable crash...