Exploit for Type Confusion in Apple Safari

CVE-2024-23222 — WebKit Type Confusion → iOS 16.4.1 Sandbox Es...

MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

Mozilla Firefox Security Advisory (MFSA2021-52) - Mac OS X

This host is missing a security update for Mozilla Firefox. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox ESR Security Advisory (MFSA2021-53) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Denial Of Service (DoS)

thunderbird and firefox are vulnerable denial of service. The vulnerability exists due to a GC Rooting Failure When Calling Wasm Instance Methods...

Mozilla: GC rooting failure when calling wasm instance methods

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

Design/Logic Flaw

Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird 91.4.0, Firefox...

CVE-2021-43539

CVE-2021-43539 is a Mozilla Firefox/Thunderbird memory safety issue: GC rooting failure when calling wasm instance methods can cause a use-after-free and potentially exploitable crash. Connected sources confirm the flaw affects Firefox up to 95 and Thunderbird up to 91.4.0, linked advisories show...

Mozilla: GC rooting failure when calling wasm instance methods

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

Mozilla: GC rooting failure when calling wasm instance methods

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

Mozilla: GC rooting failure when calling wasm instance methods

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

CVE-2021-43539

The Mozilla Foundation Security Advisory describes this flaw as: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitab...

CVE-2021-39216

Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.19.0 and before version 0.30.0 there was a use-after-free bug when passing externrefs from the host to guest Wasm content. To trigger the bug, you have to explicitly pass multiple externrefs from the host to a...