884 results (0.002 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability affects Firefox < 132 and Thunderbird < 132. • https://bugzilla.mozilla.org/show_bug.cgi?id=1914982 https://www.mozilla.org/security/advisories/mfsa2024-55 https://www.mozilla.org/security/advisories/mfsa2024-59 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. ... This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. ... The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706 https://www.mozilla.org/security/advisories/mfsa2024-55 https://www.mozilla.org/security/advisories/mfsa2024-56 https://www.mozilla.org/security/advisories/mfsa2024-58 https://www.mozilla.org/security/advisories/mfsa2024-59 https://access.redhat.com/security/cve/CVE-2024-10467 https://bugzilla.redhat.com/show_bug.cgi?id=2322433 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •

CVSS: 9.1EPSS: 0%CPEs: -EXPL: 0

Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly This vulnerability affects Firefox for iOS < 131.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=1904885 https://www.mozilla.org/security/advisories/mfsa2024-54 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1

This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1. ... This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. A remote code execution vulnerability was found in Firefox and Thunderbird. ... Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process. • https://github.com/tdonaworth/Firefox-CVE-2024-9680 https://bugzilla.mozilla.org/show_bug.cgi? • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. ... This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. ... The Mozilla Foundation's Security Advisory describes the issue as follows: Memory safety bugs are present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://access.redhat.com/security/cve/CVE-2024-9402 https://bugzilla.redhat.com/show_bug.cgi?id=2315951 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •