Page 79 of 1315 results (0.009 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 91. Los desarrolladores de Mozilla y los miembros de la comunidad informaron de bugs de seguridad de memoria presentes en Firefox versión 90. Algunos de estos bugs mostraron evidencias de corrupción de la memoria y presumimos que con esfuerzo suficiente algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544190%2C1716481%2C1717778%2C1719319%2C1722073 https://security.gentoo.org/glsa/202202-03 https://www.mozilla.org/security/advisories/mfsa2021-33 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. Firefox trataba incorrectamente un elemento de lista en línea como un elemento de bloqueo, resultando en una lectura fuera de límites o una corrupción de la memoria, y un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Thunderbird versiones anteriores a 78.13, Thunderbird versiones anteriores a 91, Firefox ESR versiones anteriores a 78.13 y Firefox versiones anteriores a 91. • https://bugzilla.mozilla.org/show_bug.cgi?id=1717922 https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.mozilla.org/security/advisories/mfsa2021-33 https://www.mozilla.org/security/advisories/mfsa2021-34 https://www.mozilla.org/security/advisories/mfsa2021-35 https://www.mozilla.org/security/advisories/mfsa2021-36 https://access.redhat.com/security/cve/CVE-2021-29988 https://bugzilla.redhat.com/show_bug.cgi?id=1992419 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 1

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. *Note: This issue only affected Linux operating systems. Other operating systems are unaffected.* This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. Una supuesta condición de carrera cuando se llama a getaddrinfo que conllevaba a una corrupción de la memoria y un bloqueo potencialmente explotable. *Nota: Este problema sólo afectaba a los sistemas operativos Linux. • https://bugzilla.mozilla.org/show_bug.cgi?id=1696138 https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.mozilla.org/security/advisories/mfsa2021-33 https://www.mozilla.org/security/advisories/mfsa2021-34 https://www.mozilla.org/security/advisories/mfsa2021-35 https://www.mozilla.org/security/advisories/mfsa2021-36 https://access.redhat.com/security/cve/CVE-2021-29986 https://bugzilla.redhat.com/show_bug.cgi?id=1992417 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 1

Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91. Una reordenación de instrucciones resultaba en una secuencia de instrucciones que causaría que un objeto fuera considerado incorrectamente durante la recogida de basura. Esto conllevaba a una corrupción de la memoria y un bloqueo potencialmente explotable. • https://bugzilla.mozilla.org/show_bug.cgi?id=1720031 https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.mozilla.org/security/advisories/mfsa2021-33 https://www.mozilla.org/security/advisories/mfsa2021-34 https://www.mozilla.org/security/advisories/mfsa2021-35 https://www.mozilla.org/security/advisories/mfsa2021-36 https://access.redhat.com/security/cve/CVE-2021-29984 https://bugzilla.redhat.com/show_bug.cgi?id=1992420 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.13, Firefox ESR < 78.13, and Firefox < 91. Los desarrolladores de Mozilla informaron de bugs de seguridad de memoria presentes en Firefox 90 y Firefox ESR 78.12. Algunos de estos bugs mostraron evidencias de corrupción de la memoria y presumimos que con esfuerzo suficiente algunos de ellos podrían haber sido explotados para ejecutar código arbitrario. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1662676%2C1666184%2C1719178%2C1719998%2C1720568 https://security.gentoo.org/glsa/202202-03 https://security.gentoo.org/glsa/202208-14 https://www.mozilla.org/security/advisories/mfsa2021-33 https://www.mozilla.org/security/advisories/mfsa2021-34 https://www.mozilla.org/security/advisories/mfsa2021-35 https://access.redhat.com/security/cve/CVE-2021-29989 https://bugzilla.redhat.com/show_bug.cgi?id=1992423 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •