Page 83 of 1452 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. Las sugerencias de búsqueda de la barra de direcciones en el modo de navegación privada reusaban los datos de la sesión del modo normal. • https://bugzilla.mozilla.org/show_bug.cgi?id=1705068 https://www.mozilla.org/security/advisories/mfsa2021-23 • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0

A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. Un programa hostil instalado localmente podría enviar mensajes "WM_COPYDATA" que Firefox procesaría incorrectamente, conllevando una lectura fuera de límites. • https://bugzilla.mozilla.org/show_bug.cgi?id=1706501 https://www.mozilla.org/security/advisories/mfsa2021-23 https://www.mozilla.org/security/advisories/mfsa2021-24 https://www.mozilla.org/security/advisories/mfsa2021-26 • CWE-125: Out-of-bounds Read •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. Un sitio web malicioso que causa que se genere un diálogo de autenticación HTTP podría engañar al gestor de contraseñas integrado para sugerir contraseñas para el sitio web actualmente activo en lugar del sitio web que desencadenó el diálogo. • https://bugzilla.mozilla.org/show_bug.cgi?id=1709257 https://www.mozilla.org/security/advisories/mfsa2021-23 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1. Al dibujar texto en un lienzo con WebRender desactivado, podía producirse una lectura fuera de los límites. • https://bugzilla.mozilla.org/show_bug.cgi?id=1712047 https://www.mozilla.org/security/advisories/mfsa2021-27 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Una escritura fuera de límites en ANGLE en Google Chrome versiones anteriores a 91.0.4472.101 permitía a un atacante remoto potencialmente llevar a cabo un acceso a la memoria fuera de límites por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html https://crbug.com/1210414 https://lists.debian.org/debian-lts-announce/2021/07/msg00009.html https://lists.debian.org/debian-lts-announce/2021/07/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ETMZL6IHCTCTREEL434BQ4THQ7EOHJ43 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PAT6EOXVQFE6JFMFQF4IKAOUQSHMHL54 https://security.gentoo.org/gl • CWE-787: Out-of-bounds Write •