Cross Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Cross-site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Out-of-bounds Write

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Same-Origin Policy Bypass

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Cross-Site Scripting (XSS)

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...

Arbitrary Code Execution

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or...

Same-Origin Policy Bypass

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or...

EulerOS 2.0 SP2 : firefox (EulerOS-SA-2019-1282)

According to the versions of the firefox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 CVE-2019-9788 - Mozilla: Use-after-free when removing in-use DOM elements...

CVE-2019-9803

The Upgrade-Insecure-Requests UIR specification states that if UIR is enabled through Content Security Policy CSP, navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some...

CVE-2019-9797

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

DEBIAN-CVE-2019-9797

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

Hardcoded credentials

The Upgrade-Insecure-Requests UIR specification states that if UIR is enabled through Content Security Policy CSP, navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some...

CVE-2019-9803

The Upgrade-Insecure-Requests UIR specification states that if UIR is enabled through Content Security Policy CSP, navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some...

CVE-2018-18511

CVE-2018-18511 : Cross-origin images can be read from a canvas element in violation of same-origin policy using transferFromImageBitmap. The issue affects Firefox versions before 65.0.1 (Firefox

CVE-2018-18511

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. Note: This only affects Firefox 65. Previous versions are unaffected.. This vulnerability affects Firefox 65.0.1...

CVE-2019-9797

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox 66...

CVE-2019-9797

CVE-2019-9797: Cross-origin images can be read in violation of the same-origin policy by exporting an image after read-through createImageBitmap and rendering the bitmap on a canvas. Affected product: Mozilla Firefox; impact is cross-origin image theft via canvas rendering. The vulnerability expl...

CVE-2019-5811

Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

CVE-2019-5822

Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page...