4666 matches found
CVE-2018-5130
When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR 52.7 and Firefox 59...
CVE-2018-5103
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...
CVE-2017-7749
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...
CVE-2017-5459
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5404
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5377
A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox 51...
CVE-2016-9067
Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox 50...
Double free
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox 49.0.2...
Design/Logic Flaw
A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR 45.6 and Thunderbird 45.6...
Design/Logic Flaw
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Firefox 58...
Design/Logic Flaw
A use-after-free can occur when events are fired for a "FontFace" object after the object has been already been destroyed while working with fonts. This results in a potentially exploitable crash. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
Design/Logic Flaw
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1,...
Design/Logic Flaw
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
CVE-2016-5292
During URL parsing, a maliciously crafted URL can cause a potentially exploitable crash. This vulnerability affects Firefox 50...
CVE-2016-5287
A potentially exploitable use-after-free crash during actor destruction with service workers. This issue does not affect releases earlier than Firefox 49. This vulnerability affects Firefox 49.0.2...
Remote code execution
A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...
CVE-2017-5439
A use-after-free vulnerability during XSLT processing due to poor handling of template parameters. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-5446
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content. This leads to a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...
CVE-2017-7752
A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...
CVE-2017-7806
A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox 55...