Search
Total
915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7809 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7802 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7801 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7800 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7792 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7791 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7787 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 5.0 MEDIUM | 7.5 HIGH |
| Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7786 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7785 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7784 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7753 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-7758 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-03 | 6.4 MEDIUM | 9.1 CRITICAL |
| An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7754 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7752 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 6.8 MEDIUM | 8.8 HIGH |
| A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7751 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-5472 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7750 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7749 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-5470 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2. | |||||
| CVE-2017-7828 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use. This results in a potentially exploitable crash during these operations. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. | |||||
| CVE-2017-5396 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired after the media elements are freed from memory. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2017-5383 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2017-5380 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| A potential use-after-free found through fuzzing during DOM manipulation of SVG content. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2017-5378 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-02 | 5.0 MEDIUM | 7.5 HIGH |
| Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2017-5376 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2017-5375 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Firefox, Firefox Esr and 4 more | 2018-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2017-5373 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Firefox, Firefox Esr and 4 more | 2018-08-02 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2016-9064 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-08-01 | 4.3 MEDIUM | 5.9 MEDIUM |
| Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. An attacker who could perform a man-in-the-middle attack on the user's connection to the update server and defeat the certificate pinning protection could provide a malicious signed add-on instead of a valid update. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50. | |||||
| CVE-2016-9897 | 3 Debian, Mozilla, Redhat | 6 Debian Linux, Firefox, Firefox Esr and 3 more | 2018-08-01 | 5.0 MEDIUM | 7.5 HIGH |
| Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. | |||||
| CVE-2016-9901 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Enterprise Linux Aus and 4 more | 2018-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1. | |||||
| CVE-2016-9904 | 3 Debian, Mozilla, Redhat | 7 Debian Linux, Firefox, Firefox Esr and 4 more | 2018-08-01 | 5.0 MEDIUM | 7.5 HIGH |
| An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. | |||||
| CVE-2017-7826 | 4 Canonical, Debian, Mozilla and 1 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2018-08-01 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57, Firefox ESR < 52.5, and Thunderbird < 52.5. | |||||
| CVE-2017-5398 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-01 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Thunderbird 45.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | |||||
| CVE-2017-7810 | 4 Canonical, Debian, Mozilla and 1 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2018-08-01 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. | |||||
| CVE-2017-7779 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-01 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2017-5407 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-07-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| Using SVG filters that don't use the fixed point math implementation on a target iframe, a malicious page can extract pixel values from a targeted user. This can be used to extract history information and read text values across domains. This violates same-origin policy and leads to information disclosure. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | |||||
| CVE-2017-5467 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2016-9066 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5297 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5296 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5294 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2018-07-30 | 2.1 LOW | 5.5 MEDIUM |
| The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5293 | 3 Debian, Microsoft, Mozilla | 4 Debian Linux, Windows, Firefox and 1 more | 2018-07-30 | 2.1 LOW | 5.5 MEDIUM |
| When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox ESR < 45.5 and Firefox < 50. | |||||
| CVE-2016-5291 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 4.9 MEDIUM | 5.5 MEDIUM |
| A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5290 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5277 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation. | |||||
| CVE-2016-5278 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image. | |||||
| CVE-2016-5270 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion. | |||||
| CVE-2016-5272 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 6.8 MEDIUM | 8.8 HIGH |
| The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2016-5257 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2016-5274 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation. | |||||