11 matches found
EUVD-2022-37432
Malicious code in bioql PyPI...
EUVD-2025-18107
Malicious code in bioql PyPI...
CVE-2025-5266
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
CVE-2025-5266 Script element events leaked cross-origin resource status
Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...
Mozilla Firefox ESR < 128.11
The version of Firefox ESR installed on the remote Windows host is prior to 128.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-44 advisory. - Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory...
Security Vulnerabilities fixed in Thunderbird 139 — Mozilla
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...
Security Vulnerabilities fixed in Firefox ESR 128.11 — Mozilla
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...
Cross site scripting
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...
CVE-2022-34477
CVE-2022-34477 describes a vulnerability in Mozilla Firefox where the MediaError message could leak information for same-site cross-origin resources, enabling XS-Leaks. Affected product: Firefox earlier than 102. The underlying issue is inconsistent MediaError messaging, which could disclose sens...
CVE-2022-34477
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...
CVE-2022-34477
The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...