CVE-2020-26969

Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 83...

CVE-2020-26960

If the Compact method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

CVE-2020-26963

Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox 83...

CVE-2020-26950

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2...

CVE-2020-15667

When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controll...

CVE-2020-15674

Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 81...

CVE-2020-15650

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings but not access the previous profile. Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects...

CVE-2020-15661

A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...

CVE-2020-15647

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for Android...

CVE-2020-15662

A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...

CVE-2020-15653

An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR 78.1, Firefox 79, and...

CVE-2020-12420

When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR 68.10, Firefox 78, and Thunderbird 68.10.0...

CVE-2020-12425

Due to confusion processing a hyphen character in Date.parse, a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox 78...

CVE-2020-12409

When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox 77...

CVE-2020-6463

Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2020-12396

Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 76...

CVE-2020-6819

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird 68.7.0, Firefox 74.0.1, and Firefox ESR 68.6.1...

CVE-2020-6805

When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 68.6, Firefox 74, Firefox ESR68.6, and Firefox ESR 68.6...

CVE-2020-6801

Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 73...