When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability…

The constructed curl command from the “Copy as curl” feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection…

Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. Zafiyet…

A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox…

IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force…

If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the…

Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free causing…

Applying a CSS filter effect could have accessed out of bounds memory. This could have lead to a heap-buffer-overflow causing a potentially exploitable crash. This…

Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox…

Certain network request objects were freed too early when releasing a network request handle. This could have lead to a use-after-free causing a potentially exploitable…