[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 17255 Download | Alert*

Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content.

Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols.

Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped.

Mozilla Firefox 95, Mozilla Firefox ESR 91.4 : WebExtensions with the correct permissions were able to create and install ServiceWorkers for third-party websites that would not have been uninstalled with the extension.

Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash.

Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks.

Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL.

Mozilla Thunderbird 91.4 : Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities.

Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame.

Mozilla Firefox 94, Mozilla Firefox ESR 91.3 and Thunderbird 91.3 : When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash.


Pages:      Start    899    900    901    902    903    904    905    906    907    908    909    910    911    912    ..   1725

© SecPod Technologies