CVE-2023-4045 - How OffscreenCanvas Bypassed Same-Origin Policy in Firefox (Full Details and Exploit Guide)
TL;DR:
A security bug in Firefox (before version 116, ESR < 102.14 & < 115.1) let attackers use *OffscreenCanvas* to read pixels
CVE-2023-4050 - Untrusted Input Stream Stack Buffer Overflow Vulnerability in Firefox
A new security vulnerability, CVE-2023-4050, has been discovered in Mozilla Firefox. In certain situations, an untrusted input stream was copied to a stack buffer without
CVE-2023-4047 - How a Firefox Notification Delay Bug Could Trick You Into Granting Dangerous Permissions
When you’re browsing the web, your browser tries to protect you from shady sites asking for too much. Those “Allow Notifications?” popups are supposed
CVE-2023-3600: Analyzing the Use-After-Free Vulnerability in the Worker Lifecycle of Firefox and Thunderbird
Recently, a use-after-free vulnerability was discovered in Firefox and Thunderbird that could lead to a potentially exploitable crash. This vulnerability, assigned CVE-2023-3600, affects
CVE-2023-34414 - How Missing Activation Delay on Firefox Certificate Error Pages Opened the Door to User Exploitation
_Summary:_
In 2023, security researchers discovered CVE-2023-34414, a vulnerability in Firefox and Thunderbird, where the error page for sites with invalid TLS certificates failed to