10 matches found
EUVD-2025-18107
Malicious code in bioql PyPI...
EUVD-2022-37432
Malicious code in bioql PyPI...
CVE-2025-5266
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
CVE-2025-5266 Script element events leaked cross-origin resource status
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
Security Vulnerabilities fixed in Firefox ESR 128.11 — Mozilla
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...
Security Vulnerabilities fixed in Thunderbird 139 — Mozilla
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...
Cross site scripting
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...
CVE-2022-34477
CVE-2022-34477 describes a vulnerability in Mozilla Firefox where the MediaError message could leak information for same-site cross-origin resources, enabling XS-Leaks. Affected product: Firefox earlier than 102. The underlying issue is inconsistent MediaError messaging, which could disclose sens...
CVE-2022-34477
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...
CVE-2022-34477
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...