Vulnerabilities in Mozilla

1,860 results
CVE-2019-9820A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially explEPSS 1.6%CVE-2019-11711When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomaiEPSS 1.6%CVE-2020-15667When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading tEPSS 1.6%CVE-2019-9793A mechanism was discovered that removes some bounds checking for string, array, or typed array accesses if Spectre mitigations have been disEPSS 1.6%CVE-2017-7825Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be usEPSS 1.6%CVE-2018-5172The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewinEPSS 1.6%CVE-2018-18511Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *NoteEPSS 1.6%CVE-2021-38509Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be dEPSS 1.6%CVE-2021-43539Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing EPSS 1.6%CVE-2017-7813Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usuEPSS 1.6%CVE-2018-12398By using the reflected URL in some special resource URIs, such as chrome:, it is possible to inject stylesheets and bypass Content Security EPSS 1.6%CVE-2020-12426Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corEPSS 1.6%CVE-2020-6823A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the PromiEPSS 1.6%CVE-2017-7831A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism oEPSS 1.6%CVE-2019-11691A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called aEPSS 1.6%CVE-2018-5141A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user intEPSS 1.6%CVE-2019-11692A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potenEPSS 1.6%CVE-2018-5111When the text of a specially formatted URL is dragged to the addressbar from page content, the displayed URL can be spoofed to show a differEPSS 1.6%CVE-2021-43545Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, FiEPSS 1.6%CVE-2018-5164Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME typeEPSS 1.6%