CVE-2025-9180

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

UBUNTU-CVE-2025-9180

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

CVE-2025-9180 Same-origin policy bypass in the Graphics: Canvas2D component

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

CVE-2025-9180

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

CVE-2025-9180 Same-origin policy bypass in the Graphics: Canvas2D component

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

CVE-2025-9180

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

CVE-2025-9180

CVE-2025-9180 describes a same-origin policy bypass in the Graphics: Canvas2D component affecting Firefox and Thunderbird. Affected versions include Firefox and Thunderbird before 142, and ESR channels before 115.27, 128.14, or 140.2. Several connected advisories confirm the same issue and provid...

CVE-2025-43739

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allow any authenticated user to modify the content of emails sent...

CVE-2025-43739

This CVE affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP releases 2025.Q1.0–2025.Q1.6, 2024.Q4.0–2024.Q4.7, 2024.Q3.1–2024.Q3.13, 2024.Q2.0–2024.Q2.13, 2024.Q1.1–2024.Q1.16, and 7.4 GA → update 92. The root cause is improper modification of emails generated by the calendar portlet, enablin...

Linux Distros Unpatched Vulnerability : CVE-2016-5128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without...

Linux Distros Unpatched Vulnerability : CVE-2015-1304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows...

Mozilla -- Same-origin policy bypass in the Graphics: Canvas2D component

https://bugzilla.mozilla.org/showbug.cgi?id=1979782 reports: Same-origin policy bypass in the Graphics: Canvas2D component...

KLA86790 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability in...

Mozilla -- Same-origin policy bypass

[email protected] reports: 'Same-origin policy bypass in the Graphics: Canvas2D component.'...

Mozilla Firefox ESR < 140.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-67 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ES...

Security Vulnerabilities fixed in Firefox 142 — Mozilla

An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. Same-origin policy bypass in the Graphics: Canvas2D component. Uninitialized memory ...

Mozilla Firefox ESR < 128.14

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 128.14. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-66 advisory. - Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox E...

Linux Distros Unpatched Vulnerability : CVE-2017-20146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, whi...

Mozilla多款产品 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the U.S.A. Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is email client software that supports the IMAP and POP mail protocols as well as the HTML mail format. A...

KLA86791 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Uninitialized memory vulnerability in t...