Lucene search
K
MozillaMost viewed

1573 matches found

Mozilla
Mozilla
added 2010/06/22 12:0 a.m.23 views

focus() behavior can be used to inject or steal keystrokes — Mozilla

Google security researcher Michal Zalewski reported that focus could be used to change a user's cursor focus while they are typing, potentially directing their keyboard input to an unintended location. This behavior was also present across origins when content from one domain was embedded within...

5.8CVSS1.4AI score0.02018EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2006/07/25 12:0 a.m.23 views

chrome: scheme loading remote content — Mozilla

Benjamin Smedberg discovered that chrome URL's could be made to reference remote files, which would run scripts with full privilege. There is no known way for web content to successfully load a chrome: url, but if a user could be convinced to do so manually perhaps by copying a link and pasting i...

2.6CVSS6AI score0.03093EPSS
Exploits0References1Affected Software3
Mozilla
Mozilla
added 2005/05/08 12:0 a.m.23 views

Code execution via javascript: IconURL — Mozilla

Two vulnerabilities found in Mozilla Firefox 1.0.3 when combined allow an attacker to run arbitrary code. The Mozilla Suite version 1.7.7 is only partially vulnerable...

7.2AI score
Exploits0References3Affected Software2
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.23 views

Spoofing download and security dialogs with overlapping windows — Mozilla

Michael Krax demonstrates that the download dialog and security dialogs can be spoofed by partially covering them with an overlapping window. Some users may not notice the OS window border and browser statusbar bisecting what appears to be a single dialog, and be convinced by the spoofing text of...

6.8AI score
Exploits0References3Affected Software2
Mozilla
Mozilla
added 2024/10/14 12:0 a.m.22 views

Security Vulnerability fixed in Firefox 131.0.3 — Mozilla

When manipulating the selection node cache, an attacker may have been able to cause unexpected behavior, potentially leading to an exploitable crash...

6.5CVSS7.2AI score0.00258EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2024/08/05 12:0 a.m.22 views

Security Vulnerabilities fixed in Firefox for iOS 129 — Mozilla

Long pressing on a download link could potentially provide a means for cross-site scripting The contextual menu for links could provide an opportunity for cross-site scripting attacks When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to...

9.8CVSS6.4AI score0.00305EPSS
Exploits1References4Affected Software1
Mozilla
Mozilla
added 2024/02/19 12:0 a.m.22 views

Security Vulnerabilities fixed in Focus for iOS 122 — Mozilla

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition...

8.1CVSS7AI score0.00387EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2015/08/06 12:0 a.m.22 views

COPPA error screen in FxAccounts signup allows loading arbitrary web content into B2G root process — Mozilla

Kartikaya Gupta of Mozilla reported an issue within the Firefox Accounts setup dialog that would embed content from a static external URI into the System process. An attacker in a position to control a vulnerable device's network connection could use this to inject arbitrary web content into the...

6.7AI score
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2008/07/01 12:0 a.m.22 views

Arbitrary socket connections with Java LiveConnect on Mac OS X — Mozilla

Security researcher Gregory Fleischer reported a vulnerability in the way Mozilla indicates the origin of a document to the Java Embedding Plugin JEP that ships with Firefox on Mac OS X. This vulnerability could allow a malicious Java applet to bypass the same-origin policy and create arbitrary...

7.5CVSS6AI score0.02553EPSS
Exploits1References2Affected Software2
Mozilla
Mozilla
added 2026/05/07 12:0 a.m.21 views

Security Vulnerabilities fixed in Firefox 150.0.2 — Mozilla

Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Memory safety bugs present in Firefox 150.0.1...

8.1CVSS6AI score0.00384EPSS
Exploits0References3Affected Software1
Mozilla
Mozilla
added 2025/02/18 12:0 a.m.21 views

Security Vulnerabilities fixed in Firefox 135.0.1 — Mozilla

Memory safety bugs present in Firefox 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

6.5CVSS7.9AI score0.00436EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2024/11/26 12:0 a.m.21 views

Security Vulnerabilities fixed in Firefox 133 — Mozilla

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. Malicious websites may have been able...

9.8CVSS8.7AI score0.00833EPSS
Exploits0References18Affected Software1
Mozilla
Mozilla
added 2024/11/26 12:0 a.m.21 views

Security Vulnerabilities fixed in Thunderbird 128.5 — Mozilla

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. An attacker could cause a select...

9.8CVSS7.5AI score0.00833EPSS
Exploits0References10Affected Software1
Mozilla
Mozilla
added 2011/09/27 12:0 a.m.21 views

Inferring keystrokes from motion data — Mozilla

University of California, Davis researchers Liang Cai and Hao Chen presented a paper at the 2011 USENIX HotSec workshop on inferring keystrokes from device motion data on mobile devices. Web pages can now receive data similar to the apps studied in that paper and likely present a similar risk. We...

6.7AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2009/06/22 12:0 a.m.21 views

Crash viewing multipart/alternative message with text/enhanced part — Mozilla

Bernd Jendrissek reported a crash in Thunderbird when viewing a multipart/alternative mail message with a text/enhanced part. Internally this led to operations on an unexpected type of object resulting in a crash which may be exploitable...

6.8AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2008/11/12 12:0 a.m.21 views

file: URIs inherit chrome privileges when opened from chrome — Mozilla

Security researcher Luke Bryan reported that file: URIs are given chrome privileges when opened in the same tab as a chrome page or privileged about: page. This vulnerability could be used by an attacker to run arbitrary JavaScript with chrome privileges. The severity of this issue was determined...

5.1CVSS2.2AI score0.02172EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2006/04/13 12:0 a.m.21 views

Secure-site spoof (requires security warning dialog) — Mozilla

Tristor reports that it was possible to spoof the browser's secure-site indicators the lock icon, the site name in the URL field, the gold URL field background in Firefox by first loading the target secure site in a pop-up window, then changing its location to a different site...

2.6CVSS3.6AI score0.02477EPSS
Exploits0References1Affected Software3
Mozilla
Mozilla
added 2005/07/12 12:0 a.m.21 views

Same-origin violation with InstallTrigger callback — Mozilla

The InstallTrigger.install method for launching an install accepts a callback function that will be called with the final success or error status. By forcing a page navigation immediately after calling the install method this callback function can end up running in the context of the new page...

6.8AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.21 views

XSLT can include stylesheets from arbitrary hosts — Mozilla

xsl:include and xsl:import can include XSLT stylesheets from arbitrary domains including those behind the user's firewall. This at least allows for existence checking of these files; it's not clear how much, if any, data could be extracted from arbitrary XML files...

7.1AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.21 views

Overwrite arbitrary files downloading .lnk twice — Mozilla

If a windows user can be convinced to download a .lnk file twice to the same location an attacker can overwrite essentially delete arbitrary files on the user's machine: the file referenced by the first .lnk will be overwritten by the second download rather than replacing the .lnk itself. On some...

6.9AI score
Exploits0References1Affected Software3
Mozilla
Mozilla
added 2026/05/08 12:0 a.m.20 views

Security Vulnerabilities fixed in Thunderbird 150.0.2 — Mozilla

Memory safety bugs present in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. Memory safety bugs present in Thunderbird 150.0.1. Some of...

8.1CVSS6AI score0.00384EPSS
Exploits0References3Affected Software1
Mozilla
Mozilla
added 2026/01/27 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox 147.0.2 — Mozilla

CVE-2026-24868: Mitigation bypass in the Privacy: Anti-Tracking component Reporter Masato Kinugawa Impact moderate References Bug 2007302 CVE-2026-24869: Use-after-free in the Layout: Scrolling and Overflow component Reporter Hiroyuki Ikezoe Impact high References Bug 2008698...

8.8CVSS5.9AI score0.00232EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2025/06/10 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox 139.0.4 — Mozilla

Certain canvas operations could have lead to memory corruption. An integer overflow was present in OrderedHashTable used by the JavaScript engine...

9.8CVSS6.9AI score0.00651EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2025/05/17 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox ESR 128.10.1 — Mozilla

An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes...

9.8CVSS6.2AI score0.08917EPSS
Exploits1References2Affected Software1
Mozilla
Mozilla
added 2025/05/13 12:0 a.m.20 views

Security Vulnerabilities fixed in Thunderbird 138.0.1 — Mozilla

Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an invalid value "Spoofed Name [email protected] [email protected]", Thunderbird treats [email protected] as the...

8.1CVSS6.6AI score0.00363EPSS
Exploits0References5Affected Software1
Mozilla
Mozilla
added 2025/04/01 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox 137 — Mozilla

JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. Leaking of file descriptors from the fork server to web content processes could allow for...

8.1CVSS8AI score0.00824EPSS
Exploits1References8Affected Software1
Mozilla
Mozilla
added 2024/12/11 12:0 a.m.20 views

Security Vulnerabilities fixed in Thunderbird 115.18 — Mozilla

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. Enhanced Tracking Protection's Strict...

8.8CVSS6.2AI score0.00704EPSS
Exploits0References3Affected Software1
Mozilla
Mozilla
added 2024/12/10 12:0 a.m.20 views

Security Vulnerabilities fixed in Thunderbird 128.5.2 — Mozilla

The Matrix specification demands homeservers to perform validation of the server-name and media-id components of MXC URIs with the intent to prevent path traversal. However, it is not mentioned that a similar check must also be performed on the client to prevent client-side path traversal...

5.3CVSS6.6AI score0.00835EPSS
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2024/10/29 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox ESR 128.4 — Mozilla

A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. The origin of an external protocol handler prompt could have been...

7.5CVSS9.3AI score0.00701EPSS
Exploits0References10Affected Software1
Mozilla
Mozilla
added 2024/10/01 12:0 a.m.20 views

Security Vulnerabilities fixed in Firefox ESR 128.3 — Mozilla

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This access i...

9.8CVSS8.3AI score0.00561EPSS
Exploits0References12Affected Software1
Mozilla
Mozilla
added 2013/12/10 12:0 a.m.20 views

Mis-issued ANSSI/DCSSI certificate — Mozilla

Google notified Mozilla that an intermediate certificate, which chains up to a root included in Mozilla’s root store, was loaded into a man-in-the-middle MITM traffic management device. This certificate was issued by Agence nationale de la sécurité des systèmes d'information ANSSI, an agency of t...

6.7AI score
Exploits0References1Affected Software4
Mozilla
Mozilla
added 2005/04/15 12:0 a.m.20 views

Arbitrary code execution from Firefox sidebar panel II — Mozilla

Sites can use the search target to open links in the Firefox sidebar. Two missing security checks allow malicious scripts to first open a privileged page such as about:config and then inject script using a javascript: url. This could be used to install malicious code or steal data without user...

6.8AI score
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.20 views

SSL "secure site" indicator spoofing — Mozilla

Various schemes were reported that could cause the "secure site" lock icon to appear and show certificate details for the wrong site. These could be used by phishers to make their spoofs look more legitimate, particularly in windows that hide the address bar showing the true location...

7.1AI score
Exploits0References4Affected Software2
Mozilla
Mozilla
added 2005/01/21 12:0 a.m.20 views

Link opened in new tab can load a local file — Mozilla

Links with a custom getter and toString method can bypass checks intended to prevent web content from linking to local files and "chrome" URIs if the user can be convinced to middle-click or control-click to open it in a new tab. The browser's "same-origin" policy prevents the attacker's content...

6.4AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2005/01/21 12:0 a.m.20 views

Mail responds to cookie requests — Mozilla

Mozilla mail clients from March to December 2004 responded to cookie requests accompanying content loaded over HTTP, ignoring the setting of the preference "network.cookie.disableCookieForMailNews" disabled cookies are the default in mail...

6.9AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2025/04/29 12:0 a.m.19 views

Security Vulnerabilities fixed in Firefox ESR 115.23 — Mozilla

Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file...

9.1CVSS7.6AI score0.00534EPSS
Exploits0References4Affected Software1
Mozilla
Mozilla
added 2025/03/04 12:0 a.m.19 views

Security Vulnerabilities fixed in Thunderbird 136 — Mozilla

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could hav...

8.8CVSS8.4AI score0.00497EPSS
Exploits0References13Affected Software1
Mozilla
Mozilla
added 2005/07/12 12:0 a.m.19 views

XHTML node spoofing — Mozilla

Parts of the browser UI relied too much on DOM node names without taking different namespaces into account and verifying that nodes really were of the expected type. An XHTML document could be used to create fake elements, for example, with content-defined properties that the browser would access...

6.8AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2005/07/12 12:0 a.m.19 views

Exploitable crash in InstallVersion.compareTo — Mozilla

When InstallVersion.compareTo is passed an object rather than a string it assumed the object was another InstallVersion without verifying it. When passed a different kind of object the browser would generally crash with an access violation...

6.9AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.19 views

Autocomplete data leak — Mozilla

As users downarrow through autocomplete choices each is copied in turn into the input control. A malicious site could create a page that autocompletes some common data such as phone number or SSN and potentially convince a user to arrow through the values. Script on the page could watch the value...

6.7AI score
Exploits0References1Affected Software1
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.19 views

Unsafe /tmp/plugtmp directory exploitable to erase user's files — Mozilla

A predictable name is used for the plugin temporary directory. A malicious local user could symlink this to the victim's home directory and wait for the victim to run Firefox. When Firefox shuts down the victim's directory would be erased...

6.8AI score
Exploits0References1Affected Software2
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.19 views

Heap overflow possible in UTF8 to Unicode conversion — Mozilla

It is possible for a UTF8 string with invalid sequences to trigger a heap overflow of converted Unicode data. Exploitability would depend on the attackers ability to get the string into the buggy converter. General web content is converted elsewhere but we can't rule out the possibility of a...

7.1AI score
Exploits0References1Affected Software3
Mozilla
Mozilla
added 2026/05/12 12:0 a.m.18 views

Security Vulnerabilities fixed in Firefox 150.0.3 — Mozilla

CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component Reporter ggwhyp Impact high References Bug 2036978 CVE-2026-8389: JIT miscompilation in the JavaScript Engine: JIT component Reporter ggwhyp Impact high References Bug 2036983 CVE-2026-8390: Use-after-free in the...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References5Affected Software1
Mozilla
Mozilla
added 2025/05/27 12:0 a.m.18 views

Security Vulnerabilities fixed in Firefox ESR 115.24 — Mozilla

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...

5.4CVSS6.6AI score0.00513EPSS
Exploits0References4Affected Software1
Mozilla
Mozilla
added 2025/01/10 12:0 a.m.18 views

Security Vulnerabilities fixed in Firefox for iOS 134 — Mozilla

Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References2Affected Software1
Mozilla
Mozilla
added 2024/10/01 12:0 a.m.18 views

Security Vulnerabilities fixed in Thunderbird 128.3 — Mozilla

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://pdf.js origin. This could allow them to access cross-origin PDF content. This access i...

9.8CVSS8.3AI score0.00561EPSS
Exploits0References12Affected Software1
Mozilla
Mozilla
added 2024/02/19 12:0 a.m.18 views

Security Vulnerabilities fixed in Focus for iOS 123 — Mozilla

Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting UXSS on a victim website, if the victim had a link to the attacker's website...

6.1CVSS6.4AI score0.00324EPSS
Exploits1References1Affected Software1
Mozilla
Mozilla
added 2005/07/12 12:0 a.m.18 views

Same origin violation: frame calling top.focus() — Mozilla

A child frame can call top.focus even if the framing page comes from a different origin and has overridden the focus routine. The call is made in the context of the child frame. The attacker would look for a target site with a framed page that makes this call but doesn't verify that its parent...

6.6AI score
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2005/05/11 12:0 a.m.18 views

"Wrapped" javascript: urls bypass security checks — Mozilla

Some security checks intended to prevent script injection were incorrect and could be bypassed by wrapping a javascript: url in the view-source: pseudo-protocol. Michael Krax demonstrated that a variant of his favicon exploit could still execute arbitrary code, and the same technique could also b...

7.8AI score
Exploits0References5Affected Software2
Mozilla
Mozilla
added 2005/02/24 12:0 a.m.18 views

Memory overwrite in string library — Mozilla

Daniel de Wildt discovered a memory handling flaw in Mozilla string classes that could overwrite memory at a fixed location if reallocation fails during string growth. This could theoretically lead to arbitrary code execution. Creating the exact conditions for exploitation--including running out ...

7.5AI score
Exploits0References2Affected Software3
Total number of security vulnerabilities1573