[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

247085

 
 

909

 
 

194218

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 14298 Download | Alert*

Mozilla Firefox 76, Mozilla Firefox ESR 68.8 and Mozilla Thunderbird 68.8 : A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash.

The host is installed with Google Chrome before 84.0.4147.89 or Microsoft Edge Chromium before 84.0.522.40 and is prone to an unknown vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.

Mozilla Firefox 80 : When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack.

Mozilla Firefox 80 : During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data.

Mozilla Firefox 80, Mozilla Firefox ESR 68.12, Mozilla Firefox ESR 78.2, Mozilla Thunderbird 68.12 and Mozilla Thunderbird 78.2 : If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with administrative privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the vers ...

Mozilla Firefox 80, Mozilla Firefox ESR 68.12, Mozilla Firefox ESR 78.2, Mozilla Thunderbird 68.12 and Mozilla Thunderbird 78.2 : By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an u ...

Mozilla Firefox 80 : Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors.

Mozilla Firefox 80 : When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. This level of information leakage is inconsistent with the standardized onerror/onsuccess disclosure and can lead to inferring login status to services or device discovery on a local network among other attacks.

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on ...

Mozilla Firefox before 58.0 or Firefox ESR before 52.6 or Thunderbird before 52.6 :- Mozilla developers and community members reported memory safety bugs present in Firefox, Firefox ESR and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.


Pages:      Start    9    10    11    12    13    14    15    16    17    18    19    20    21    22    ..   1429

© SecPod Technologies