Lucene search
+L

18 matches found

RedHat Linux
RedHat Linux
added 2026/02/09 9:34 a.m.9 views

firefox: thunderbird: Information disclosure in the Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Networking component...

5.3CVSS5.7AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/05 1:57 a.m.5 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

8CVSS5.7AI score0.00287EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2025/09/16 1:15 p.m.1 views

CVE-2025-10529

Same-origin policy bypass in the Layout component. This vulnerability affects Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.10 views

PT-2025-33870

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 142 Firefox ESR versions prior to 140.2 Thunderbird versions prior to 142 Thunderbird ESR versions prior to 140.2 Description: Memory safety bugs are present in the software, with some showing evidence of memory...

9.8CVSS9.4AI score0.09348EPSS
Exploits2References150
OSV
OSV
added 2024/03/19 12:15 p.m.2 views

DEBIAN-CVE-2024-2612

If an attacker could find a way to trigger a particular code path in SafeRefPtr, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

8.1CVSS7.1AI score0.00971EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/01/25 2:48 a.m.4 views

SUSE CVE-2024-0742

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

4.3CVSS6.2AI score0.00596EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.6 views

SUSE CVE-2010-2770

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted font in a data...

9.3CVSS7.9AI score0.03749EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.3 views

SUSE CVE-2013-1686

Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption vi...

10CVSS9.3AI score0.05397EPSS
Exploits0References11
OSV
OSV
added 2022/05/04 12:0 a.m.3 views

UBUNTU-CVE-2022-29911

An improper implementation of the new iframe sandbox keyword allow-top-navigation-by-user-activation could lead to script execution without allow-scripts being present. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.1CVSS7.4AI score0.00561EPSS
Exploits0References7
CNVD
CNVD
added 2020/07/30 12:0 a.m.3 views

Mozilla Firefox Remote Code Execution Vulnerability (CNVD-2020-43763)

Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...

9.3CVSS9.1AI score0.02401EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/02/20 10:17 p.m.7 views

Mozilla: Incorrect parsing of template tag could result in JavaScript injection

If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be...

6.1CVSS7.2AI score0.02056EPSS
Exploits0References5
CNVD
CNVD
added 2019/12/04 12:0 a.m.1 views

Buffer overflow vulnerability in multiple Mozilla products (CNVD-2020-03240)

Mozilla Firefox and others are products of the Mozilla Foundation in the U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of e-mail client software separate from the Mozilla Application...

8.8CVSS9.2AI score0.01892EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2017/03/08 3:53 p.m.4 views

Mozilla: Cross-origin reading of video captions in violation of CORS (MFSA 2017-06)

Video files loaded video captions cross-origin without checking for the presence of CORS headers permitting such cross-origin use, leading to potential information disclosure for video captions. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

5.3CVSS7.3AI score0.02631EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2017/01/09 12:0 a.m.5 views

VulnCheck KEV: CVE-2013-1670

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote...

4.3CVSS6.8AI score0.10893EPSS
Exploits4References1
RedHat Linux
RedHat Linux
added 2015/07/20 4:34 p.m.4 views

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive...

9.3CVSS7.5AI score0.03767EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/08/29 4:19 a.m.4 views

Mozilla: Location object security checks bypassed by chrome code (MFSA 2012-70)

The nsLocation::CheckURL function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 does not properly follow the security model of the location object, which allows remote attackers to bypass...

6.8CVSS7.5AI score0.02298EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/06/21 10:42 p.m.7 views

Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors, a different vulnerability than...

10CVSS7.8AI score0.05459EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/06/21 10:39 p.m.7 views

Mozilla Cookie isolation error (MFSA 2011-24)

Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 do not distinguish between cookies for two domain names that differ only in a trailing dot, which allows remote web servers to bypass the Same Origin Policy via Set-Cookie headers...

5CVSS7.4AI score0.01777EPSS
Exploits1References4
Rows per page
Query Builder