8 matches found
MiracleLinux 4 : firefox-52.5.0-1.0.1.AXS4 (AXSA:2017-2420:06)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-2420:06 advisory. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...
DEBIAN-CVE-2024-9399
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...
CVE-2023-4573
When receiving rendering data over IPC mStream could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
SUSE CVE-2018-12385
A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in combination with another vulnerability allowing an attacker to write data into the local cache or from locally...
UBUNTU-CVE-2022-3266
An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...
CVE-2020-12422
In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...
Denial Of Service (DoS)
firefox/thunderbird is vulnerable to denial of service. An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash...
CVE-2016-5287
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox 49.0.2...