[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 14840 Download | Alert*

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: When <code>flex-basis</code> was used on a table wrapper, a <code>StyleGenericFlexBasis</code> object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash.

Mozilla Firefox 84, Mozilla Firefox ESR 78.7, Mozilla Thunderbird 78.7: When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.

Mozilla Firefox 84 : When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what the user was typing, perhaps by suggesting it.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: When an extension with the proxy permission registered to receive <code><all_urls></code>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead.

Mozilla Firefox 84, Mozilla Firefox ESR 78.6, Mozilla Thunderbird 78.6: Mozilla developer Christian Holler reported memory safety bugs present in Firefox 83 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Mozilla Firefox 84 : Mozilla developers Christian Holler, Jan-Ivar Bruaroey, and Gabriele Svelto reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

The host is installed with Google Chrome before 68.0.3440.75 or Mozilla Firefox before 70.0 and is prone to a heap buffer overflow vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via <code>drop</code> event data. This allows for the theft of b ...


Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   1483

© SecPod Technologies