Page 14 of 2106 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. Durante la compilación de Ion, una Recolección de Basura podría haber resultado en una condición de use-after-free, lo que permitiría a un atacante escribir dos bytes NUL y provocar un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox &lt; 118, Firefox ESR &lt; 115.3 y Thunderbird &lt; 115.3. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1851599 https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD https://www.debian.org/security/2023/dsa-5506 https://www.debian.org/security/2023/dsa-5513 https://www.mozilla.org/security/advisories/mfsa2023-41 https://www.mozilla.org/security/advisor • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. Un proceso de contenido comprometido podría haber proporcionado datos maliciosos en un `PathRecording`, lo que habría resultado en una escritura fuera de los límites, lo que habría provocado una falla potencialmente explotable en un proceso privilegiado. Esta vulnerabilidad afecta a Firefox &lt; 118, Firefox ESR &lt; 115.3 y Thunderbird &lt; 115.3. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1846685 https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD https://www.debian.org/security/2023/dsa-5506 https://www.debian.org/security/2023/dsa-5513 https://www.mozilla.org/security/advisories/mfsa2023-41 https://www.mozilla.org/security/advisor • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. Un proceso de contenido comprometido podría haber proporcionado datos maliciosos a `FilterNodeD2D1`, lo que habría resultado en una escritura fuera de los límites, lo que habría provocado una falla potencialmente explotable en un proceso privilegiado. *Este error sólo afecta a Firefox en Windows. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Firefox &lt; 118, Firefox ESR &lt; 115.3 y Thunderbird &lt; 115.3. • https://bugzilla.mozilla.org/show_bug.cgi?id=1846683 https://www.mozilla.org/security/advisories/mfsa2023-41 https://www.mozilla.org/security/advisories/mfsa2023-42 https://www.mozilla.org/security/advisories/mfsa2023-43 • CWE-787: Out-of-bounds Write •

CVSS: 9.6EPSS: 44%CPEs: 16EXPL: 12

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) El desbordamiento del búfer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library. Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. • https://github.com/alsaeroth/CVE-2023-4863-POC https://github.com/mistymntncop/CVE-2023-4863 https://github.com/LiveOverflow/webp-CVE-2023-4863 https://github.com/bbaranoff/CVE-2023-4863 https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863 https://github.com/huiwen-yayaya/CVE-2023-4863 https://github.com/CrackerCat/CVE-2023-4863- https://github.com/sarsaeroth/CVE-2023-4863-POC http://www.openwall.com/lists/oss-security/2023/09/21/4 http://www.openwall.com/list • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. *This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Debido a que las grandes comprobaciones de asignación en Angle para que los sombreadores glsl sean demasiado indulgentes, se podría haber producido un desbordamiento del búfer al asignar demasiada memoria de sombreado privada en Mac OS. *Este error sólo afecta a Firefox en macOS. Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Firefox &lt; 117, Firefox ESR &lt; 115.2 y Thunderbird &lt; 115.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=1773874 https://www.mozilla.org/security/advisories/mfsa2023-34 https://www.mozilla.org/security/advisories/mfsa2023-36 https://www.mozilla.org/security/advisories/mfsa2023-38 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •