66 matches found
Astra Linux - уязвимость в thunderbird
Mozilla developers reported memory safety bugs in Thunderbird 78.13.0. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Thunderbird versions less...
Astra Linux - уязвимость в firefox
Due to unexpected data type conversions, a use-after-free might have occurred when interacting with the font cache. We assume that with sufficient effort, this vulnerability could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 88...
Astra Linux - уязвимость в firefox, thunderbird
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...
KLA91025 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in the DOM: Networking component can be exploited...
Mozilla Firefox < 150.0.2
The version of Firefox installed on the remote Windows host is prior to 150.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-40 advisory. - Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presum...
Mozilla Firefox < 149.0
The version of Firefox installed on the remote Windows host is prior to 149.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-20 advisory. - Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox 149 and...
PT-2026-21732
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Thunderbird versions prior to 148 Description A use-after-free issue exists in the DOM: Core & HTML component. This condition occurs when memory is accessed after it has been freed, potentially leading to crashes ...
firefox: thunderbird: Same-origin policy bypass in the Request Handling component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Request Handling component...
CVE-2025-14860 Use-after-free in the Disability Access APIs component
Use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 146.0.1...
Mozilla Firefox < 3.0.12
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 3.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2009-34 advisory. - The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a...
CVE-2025-14327
CVE-2025-14327 is a spoofing vulnerability in the Downloads Panel component affecting Firefox < 146, Thunderbird < 146, Firefox ESR < 140.7, and Thunderbird
CVE-2025-14322
CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. Affected software: Firefox versions before 146 and ESR before 115.31 and 140.6. The issue is described across multiple advisories (ALAS2023-2025-1337, ALAS2FIREFOX-2025-049, ALSA-2025:23128...
CVE-2025-13017
Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
CVE-2025-11718
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in Firefox 144...
UBUNTU-CVE-2025-11720
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...
CVE-2025-11152
Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143.0.3...
CVE-2025-9183
Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2...
CVE-2025-8041 Incorrect URL truncation in Firefox for Android
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...
Linux Distros Unpatched Vulnerability : CVE-2023-29551
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha...
Linux Distros Unpatched Vulnerability : CVE-2022-31748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100...