VYPR

Vendor CVEs

Mozilla Corporation

All CVEs

3,628 total · sorted by risk
  • CVE-2023-29547MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability…

  • CVE-2023-29544MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

  • CVE-2023-29535MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox…

  • CVE-2023-28164MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

  • CVE-2023-28163MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. *This bug only affects Firefox on Windows. Other versions of Firefox are…

  • CVE-2023-28160MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111.

  • CVE-2023-25752MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

  • CVE-2023-25751MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.

  • CVE-2023-25742MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

  • CVE-2023-25741MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects…

  • CVE-2023-25738MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    Members of the DEVMODEW struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.*This bug only affects Firefox on…

  • CVE-2023-25728MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

  • CVE-2023-23604MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    A duplicate `SystemPrincipal` object could be created when parsing a non-system html document via `DOMParser::ParseFromSafeString`. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.

  • CVE-2023-23603MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    Regular expressions used to filter out forbidden properties and values from style directives in calls to `console.log` weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Firefox ESR <…

  • CVE-2023-23602MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Firefox ESR < 102.7,…

  • CVE-2023-23601MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

  • CVE-2023-23600MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    Per origin notification permissions were being stored in a way that didn't take into account what browsing context the permission was granted in. This lead to the possibility of notifications to be displayed during different browsing sessions. *This bug only affects Firefox for…

  • CVE-2023-23599MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.

  • CVE-2023-23598MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to `DataTransfer.setData`. This vulnerability affects Firefox < 109, Firefox ESR <…

  • CVE-2023-23597MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the `file://` context. Given a reliable exploit primitive, this new process could be exploited again leading to arbitrary file read. This…

  • CVE-2023-1945MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.01

    Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.

  • CVE-2023-0616MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted…

  • CVE-2023-0547MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird < 102.10.

  • CVE-2023-0430MedJun 2, 2023
    risk 0.42cvss 6.5epss 0.00

    Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird <…

  • CVE-2022-46880MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    A missing check related to tex units could have led to a use-after-free and potentially exploitable crash.*Note*: This advisory was added on December 13th, 2022 after we better understood the impact of the issue. The fix was included in the original release of Firefox 105.…

  • CVE-2022-46875MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. *Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108,…

  • CVE-2022-45420MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

  • CVE-2022-45419MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted.…

  • CVE-2022-45416MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. Cache-based timing attacks such as Prime+Probe could have possibly figured out which keys were being pressed. This vulnerability affects Firefox ESR < 102.5, Thunderbird <…

  • CVE-2022-45410MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This…

  • CVE-2022-45408MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and…

  • CVE-2022-45405MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Freeing arbitrary nsIInputStream's on a different thread than creation could have led to a use-after-free and potentially exploitable crash. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107.

  • CVE-2022-45404MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Through a series of popup and window.print() calls, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR < 102.5,…

  • CVE-2022-45403MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. This vulnerability affects Firefox…

  • CVE-2022-42929MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird…

  • CVE-2022-40961MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.*This issue only affects Firefox for Android. Other operating systems are not affected.*. This vulnerability affects Firefox < 105.

  • CVE-2022-40960MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Concurrent use of the URL parser with non-UTF-8 data was not thread-safe. This could lead to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

  • CVE-2022-40959MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

  • CVE-2022-40958MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR < 102.3,…

  • CVE-2022-40957MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    Inconsistent data in instruction and data cache when creating wasm code could lead to a potentially exploitable crash.*This bug only affects Firefox on ARM64 platforms.*. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

  • CVE-2022-3032MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was…

  • CVE-2022-38475MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox < 104.

  • CVE-2022-38472MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    An attacker could have abused XSLT error handling to associate attacker-controlled content with another origin which was displayed in the address bar. This could have been used to fool the user into submitting data intended for the spoofed origin. This vulnerability affects…

  • CVE-2022-36317MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects…

  • CVE-2022-34479MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. *This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This…

  • CVE-2022-34478MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none…

  • CVE-2022-34471MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    When downloading an update for an addon, the downloaded addon update's version was not verified to match the version selected from the manifest. If the manifest had been tampered with on the server, an attacker could trick the browser into downgrading the addon to a prior…

  • CVE-2022-31746MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102.

  • CVE-2022-31744MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.01

    An attacker could have injected CSS into stylesheets accessible via internal URIs, such as resource:, and in doing so bypass a page's Content Security Policy. This vulnerability affects Firefox ESR < 91.11, Thunderbird < 102, Thunderbird < 91.11, and Firefox < 101.

  • CVE-2022-31743MedDec 22, 2022
    risk 0.42cvss 6.5epss 0.00

    Firefox's HTML parser did not correctly interpret HTML comment tags, resulting in an incongruity with other browsers. This could have been used to escape HTML comments on pages that put user-controlled data in them. This vulnerability affects Firefox < 101.

Page 26 of 73