26 matches found
Astra Linux – Vulnerability in Firefox
Due to unexpected data type conversions, a use-after-free might have occurred when interacting with the font cache. We assume that with sufficient effort, this vulnerability could have been exploited to execute arbitrary code. This vulnerability affects Firefox versions earlier than 88...
KLA91025 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in the DOM: Networking component can be exploited...
CVE-2025-14860 Use-after-free in the Disability Access APIs component
Use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 146.0.1...
CVE-2025-11152
Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143.0.3...
CVE-2025-9183
Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2...
CVE-2025-8041 Incorrect URL truncation in Firefox for Android
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141...
Linux Distros Unpatched Vulnerability : CVE-2023-29551
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ha...
UBUNTU-CVE-2025-6426
The executable file warning did not warn users before opening files with the terminal extension. This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12...
Astra Linux – Vulnerability in Firefox, Thunderbird
A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...
SUSE CVE-2024-7524
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and...
CVE-2024-6605
Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox 128...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation. A security vulnerability exists in Mozilla Firefox, which originates from a clickjacking vulnerability. An attacker can exploit the vulnerability to trick users into clicking an authorization button. Affected products and...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 120, Firefox ESR versions prior to 115.5, and Thunderbird versions prior to 115.5.0, which stems from a vulnerability that can force...
CVE-2023-28177
Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 111...
SUSE CVE-2009-3374
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to...
SUSE CVE-2017-7770
A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this...
SUSE CVE-2021-23988
Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 87...
SUSE CVE-2022-22762
Under certain circumstances, a JavaScript alert or prompt could have been shown while another website was displayed underneath it. This could have been abused to trick the user. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ...
Mozilla: Javascript alert box could have been spoofed onto an arbitrary domain
Due to an unusual sequence of attacker-controlled events, a Javascript alert dialog with arbitrary although unstyled contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...
Mozilla Firefox and Firefox ESR Memory Misreference Vulnerability (CNVD-2018-25867)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A memory misreference vulnerability exists in Mozilla Firefox versions prior to 64 and Firefox ES...