9 matches found
SUSE CVE-2018-6121
Insufficient validation of input in Blink in Google Chrome prior to 66.0.3359.170 allowed a remote attacker to perform privilege escalation via a crafted HTML page...
UBUNTU-CVE-2019-9814
Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 67...
Mozilla: Type-confusion in IonMonkey JIT compiler
A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...
Mozilla: Use-after-free when removing in-use DOM elements
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2019-08533)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An information disclosure vulnerability exists in versions of Mozilla Firefox prior to 66, which stems from the program's failure to perform sufficient boundary detection on data. An attacker could...
Mozilla Firefox Denial of Service Vulnerability (CNVD-2019-08542)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 66. An attacker could exploit this vulnerability to cause a denial of service...
Mozilla Firefox Man-in-the-Middle Attack Vulnerability (CNVD-2019-08537)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 66, which stems from the program failing to properly perform Upgrade-Insecure-Requests on same-origin navigation, and can be exploite...
Mozilla Firefox Memory Corruption Vulnerability (CNVD-2019-08540)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in the Prio inventory in versions of Mozilla Firefox prior to 66. An attacker could exploit this vulnerability to cause memory corruption...
UBUNTU-CVE-2018-6098
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...