Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.55%
  • Veröffentlicht 01.08.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:18

A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

  • EPSS 0.58%
  • Veröffentlicht 01.08.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:18

The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation ...

  • EPSS 0.66%
  • Veröffentlicht 01.08.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:18

A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 11...

  • EPSS 0.53%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115...

  • EPSS 1.01%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox...

  • EPSS 0.58%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

  • EPSS 0.83%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

  • EPSS 0.48%
  • Veröffentlicht 12.07.2023 14:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:44

The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.

  • EPSS 0.54%
  • Veröffentlicht 12.07.2023 14:15:10
  • Zuletzt bearbeitet 18.12.2025 16:15:49

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.

  • EPSS 0.3%
  • Veröffentlicht 12.07.2023 14:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:44

The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.