51 matches found
CVE-2022-0517
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN 2.7.1...
EUVD-2020-7666
Malware in sbrugna...
EUVD-2021-16437
Malware in sbrugna...
EUVD-2023-53994
Malicious code in bioql PyPI...
EUVD-2025-18102
Malicious code in bioql PyPI...
EUVD-2022-15645
Malicious code in bioql PyPI...
Mozilla VPN Elevation of Privilege Vulnerability
Mozilla VPN is an open source virtual private network web browser extension, desktop application and mobile application from the Mozilla Foundation. Mozilla VPN suffers from an elevation of privilege vulnerability that originates from an elevation of privilege, which can be exploited by an attack...
CVE-2025-5687
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.. This vulnerability was fixed in Mozilla VPN 2.28.0 macOS...
CVE-2025-5687
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.. This vulnerability was fixed in Mozilla VPN 2.28.0 macOS...
CVE-2025-5687
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.28.0 macOS...
CVE-2025-5687 Local privilege escalation vulnerability in Mozilla VPN clients for macOS v2.27.0 and below.
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.. This vulnerability was fixed in Mozilla VPN 2.28.0 macOS...
CVE-2025-5687 Local privilege escalation vulnerability in Mozilla VPN clients for macOS v2.27.0 and below.
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.. This vulnerability was fixed in Mozilla VPN 2.28.0 macOS...
CVE-2025-5687
Summary: CVE-2025-5687 affects Mozilla VPN on macOS and allows privilege escalation from a normal user to root. The issue is limited to macOS builds of Mozilla VPN; other OSes are unaffected. Affected product/version: Mozilla VPN on macOS, specifically versions prior to 2.28.0 (macOS). Root cause...
Mozilla VPN 安全漏洞
Mozilla VPN is an open source virtual private network web browser extension, desktop application and mobile application from the Mozilla Foundation. Mozilla VPN suffers from an elevation of privilege vulnerability that originates from an elevation of privilege, which can be exploited by an attack...
PT-2025-74: Local Privilege Escalation (LPE) in Mozilla VPN
The vulnerability was identified in Mozilla VPN, versions 2.27.0 on MacOS. The discovered vulnerability allows an attacker to escalate privileges from a normal user to root. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 04.06.2025 Recommendations: Update to version...
Security Issue fixed in Mozilla VPN for macOS v2.28.0 — Mozilla
A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root.This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected...
PT-2025-25208 · Mozilla · Vpn
Name of the Vulnerable Software and Affected Versions: Mozilla VPN versions 2.28.0 and earlier macOS Description: A vulnerability in Mozilla VPN for macOS allows privilege escalation from a normal user to root. This issue only affects Mozilla VPN on macOS, with other operating systems being...
CVE-2023-4104
An invalid Polkit Authentication check and missing authentication requirements for D-Bus methods allowed any local user to configure arbitrary VPN setups. This bug only affects Mozilla VPN on Linux. Other operating systems are unaffected. This vulnerability affects Mozilla VPN 2.16.1 Linux...
CVE-2021-29978
Multiple low security issues were discovered and fixed in a security audit of Mozilla VPN 2.x branch as part of a 3rd party security audit. This vulnerability affects Mozilla VPN 2.3...
Mozilla: Mozilla VPN Clients: RCE via file write and path traversal
The report describes a path traversal vulnerability in the Mozilla VPN client software that allowed for remote code execution. The vulnerability was found in the "livereload" command of the client's inspector feature, which could be accessed when the client was in developer mode with "Use Staging...