CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29961 – Gentoo Linux Security Advisory 202107-09
https://notcve.org/view.php?id=CVE-2021-29961
24 Jun 2021 — When styling and rendering an oversized `
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29962
https://notcve.org/view.php?id=CVE-2021-29962
24 Jun 2021 — Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. Firefox para Android se volvía inestable y difícil de recuperar cuando un sitio web abría demasiadas ventanas emergentes. • https://bugzilla.mozilla.org/show_bug.cgi?id=1701673 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29963
https://notcve.org/view.php?id=CVE-2021-29963
24 Jun 2021 — Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. Las sugerencias de búsqueda de la barra de direcciones en el modo de navegación privada reusaban los datos de la sesión del modo normal. • https://bugzilla.mozilla.org/show_bug.cgi?id=1705068 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29964
https://notcve.org/view.php?id=CVE-2021-29964
24 Jun 2021 — A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. Un programa hostil instalado localmente podría enviar mensajes "WM_COPYDATA" que Firefox procesaría incorrectamente, conllevando una lectura fuera de límites. • https://bugzilla.mozilla.org/show_bug.cgi?id=1706501 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29965
https://notcve.org/view.php?id=CVE-2021-29965
24 Jun 2021 — A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. Un sitio web malicioso que causa que se genere un diálogo de autenticación HTTP podría engañar al gestor de contraseñas integrado para sugerir contraseñas para el ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1709257 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29968
https://notcve.org/view.php?id=CVE-2021-29968
24 Jun 2021 — When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1. Al dibujar texto en un lienzo con WebRender desactivado, podía producirse una lectura fuera de los límites. • https://bugzilla.mozilla.org/show_bug.cgi?id=1712047 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-30547 – chromium-browser: Out of bounds write in ANGLE
https://notcve.org/view.php?id=CVE-2021-30547
15 Jun 2021 — Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una escritura fuera de límites en ANGLE en Google Chrome versiones anteriores a 91.0.4472.101 permitía a un atacante remoto potencialmente llevar a cabo un acceso a la memoria fuera de límites por medio de una página HTML diseñada It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS han... • https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29967 – Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11
https://notcve.org/view.php?id=CVE-2021-29967
03 Jun 2021 — Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. Los desarrolladores de Mozilla han reportado bugs de seguridad de memoria presentes en Firefox versión 88 y Firefox ESR versión 78.11. Algunos de estos bugs mostraban evidenci... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1602862%2C1703191%2C1703760%2C1704722%2C1706041 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29966 – Ubuntu Security Notice USN-4978-1
https://notcve.org/view.php?id=CVE-2021-29966
03 Jun 2021 — Mozilla developers reported memory safety bugs present in Firefox 88. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 89. Los desarrolladores de Mozilla han reportado bugs de seguridad de memoria presentes en Firefox versión 88. Algunos de estos bugs mostraban evidencias de corrupción de memoria y presumimos que con suficiente esfuerzo algunos de ellos podrían ha... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1660307%2C1686154%2C1702948%2C1708124 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29960 – Ubuntu Security Notice USN-4978-1
https://notcve.org/view.php?id=CVE-2021-29960
03 Jun 2021 — Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The caching and suggestion techniques combined may have lead to the title of a website visited during private browsing mode being stored on disk. This vulnerability affects Firefox < 89. Firefox solía almacenar en caché el último nombre de archivo utilizado para imprimir un archivo. • https://bugzilla.mozilla.org/show_bug.cgi?id=1675965 • CWE-669: Incorrect Resource Transfer Between Spheres •