Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.3 views

SUSE CVE-2016-2801

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...

8.8CVSS7.5AI score0.02278EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2017/01/25 9:31 a.m.4 views

Mozilla: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (MFSA 2017-01)

Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and...

9.8CVSS7.4AI score0.03295EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/03/16 5:36 p.m.9 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...

8.8CVSS7.8AI score0.02923EPSS
Exploits0References5
OSV
OSV
added 2016/03/13 6:59 p.m.1 views

CVE-2016-1972

Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

8.8CVSS7.4AI score0.01906EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.4 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...

8.8CVSS7.7AI score0.03868EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.8 views

Mozilla: Displayed page address can be overridden (MFSA 2016-21)

browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL...

4.3CVSS7.4AI score0.02235EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.4 views

Mozilla: Use-after-free when using multiple WebRTC data channels (MFSA 2016-25)

Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections...

10CVSS7.8AI score0.0597EPSS
Exploits0References5
Rows per page
Query Builder