A remote attacker can trick the victim to open a specially crafted web page, trigger a race condition and execute arbitrary code. The vulnerability exists due to a use-after-free error when releasing platform objects. The vulnerability allows a remote attacker to compromise vulnerable system. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack. The vulnerability exists due to application does not properly control consumption of internal resources when parsing HTML with DOMParser. The vulnerability allows a remote attacker to perform a denial of service (DoS) attack. A remote attacker can trick the victim into granting permissions. The vulnerability exists due to an error in popup notifications delay calculation. The vulnerability allows a remote attacker to perform clickjacking attacks. A remote attacker can trick the victim into opening a malicious web page and execute arbitrary code on the system.įirefox for Android: 100.1.0 - 115.2.1 CPE2.3ģ) Insufficient UI Warning of Dangerous OperationsĬWE-ID: CWE-357 - Insufficient UI Warning of Dangerous Operations The vulnerability exists due to usage of incorrect values during WASM compilation, resulting in a state value to be used for a global variable in WASM JIT analysis in the content process. The vulnerability allows a remote attacker to compromise the affected system. Is there known malware, which exploits this vulnerability?
How the attacker can exploit this vulnerability? A remote attacker can violation the same-origin policy and access image data from another website.
The vulnerability exists due to improper tracking of cross-origin tainting in Offscreen Canvas. The vulnerability allows a remote attacker to bypass implemented security restrictions. CWE-ID: CWE-346 - Origin Validation Error
0 kommentar(er)
