Описание
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- Security vulnerability in the Graphics: WebRender component can be exploited to bypass security restrictions.
- Memory safety bug fixed in Firefox ESR 115
- A remote code execution vulnerability in the Networking: HTTP component can be exploited remotely to execute arbitrary code.
- Denial of service vulnerability in the Web Audio component can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in the Graphics: WebGPU component can be exploited remotely to execute arbitrary code.
- Security vulnerability in the DOM: Workers component can be exploited to bypass security restrictions.
- Security vulnerability in the DOM: Navigation component can be exploited to bypass security restrictions.
- Security vulnerability in the Security: Process Sandboxing component can be exploited to bypass security restrictions.
- Denial of service vulnerability in the Networking component can be exploited remotely to cause denial of service.
- Memory safety bug fixed in Firefox 152
- JIT miscompilation in the DOM: Core & HTML component
- Security vulnerability in the DOM: Security component can be exploited to bypass security restrictions.
- Denial of service vulnerability in the Graphics: WebGPU component can be exploited remotely to cause denial of service.
- Security vulnerability in the Networking: Cookies component can be exploited to bypass security restrictions.
- Denial of service vulnerability in the Libraries component in NSS can be exploited remotely to cause denial of service.
- Denial of service vulnerability in the Audio/Video: Playback component can be exploited remotely to cause denial of service.
- Information disclosure vulnerability in the Password Manager component can be exploited to obtain sensitive information.
- JIT miscompilation in the JavaScript: WebAssembly component
- Clickjacking issue in the Widget: Gtk component
- Security UI vulnerability in the DOM: Core & HTML component can be exploited to spoof user interface.
- Denial of service vulnerability in the Graphics: CanvasWebGL component can be exploited remotely to cause denial of service.
- Denial of service vulnerability in the Graphics: ImageLib component can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Firefox 152 and Thunderbird 152 can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Firefox ESR 140 can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Firefox ESR 115 can be exploited remotely to execute arbitrary code.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2026-12289 critical
- CVE-2026-12290 critical
- CVE-2026-12291 critical
- CVE-2026-12292 critical
- CVE-2026-12293 critical
- CVE-2026-12294 critical
- CVE-2026-12295 critical
- CVE-2026-12296 critical
- CVE-2026-12297 critical
- CVE-2026-12298 critical
- CVE-2026-12299 critical
- CVE-2026-12300 high
- CVE-2026-12301 high
- CVE-2026-12302 high
- CVE-2026-12303 warning
- CVE-2026-12304 critical
- CVE-2026-12305 critical
- CVE-2026-12306 high
- CVE-2026-12307 high
- CVE-2026-12308 high
- CVE-2026-12309 high
- CVE-2026-12310 critical
- CVE-2026-12311 warning
- CVE-2026-12312 critical
- CVE-2026-12313 warning
- CVE-2026-12314 critical
- CVE-2026-12315 critical
- CVE-2026-12316 critical
- CVE-2026-12317 critical
- CVE-2026-12318 high
- CVE-2026-12319 high
- CVE-2026-12320 warning
- CVE-2026-12321 high
- CVE-2026-12322 high
- CVE-2026-12323 high
- CVE-2026-12324 high
- CVE-2026-12325 high
- CVE-2026-12326 critical
- CVE-2026-12327 critical
- CVE-2026-12328 critical
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!