Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.3 views

SUSE CVE-2015-4492

Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object...

7.5CVSS9.1AI score0.0505EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.5 views

SUSE CVE-2015-7200

The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key...

7.5CVSS6.9AI score0.0214EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.3 views

SUSE CVE-2016-2801

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...

8.8CVSS7.5AI score0.02278EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.1 views

SUSE CVE-2016-2807

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown...

8.8CVSS8AI score0.04692EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.5 views

SUSE CVE-2016-5288

Web content could access information in the HTTP cache if e10s is disabled. This can reveal some visited URLs and the contents of those pages. This issue affects Firefox 48 and 49. This vulnerability affects Firefox 49.0.2...

5.9CVSS6.1AI score0.01798EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2017/01/25 9:31 a.m.5 views

Mozilla: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (MFSA 2017-01)

Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and...

9.8CVSS7.4AI score0.03295EPSS
Exploits0References5
OSV
OSV
added 2016/11/16 12:0 a.m.2 views

UBUNTU-CVE-2016-5290

Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 45.5, Firefox ESR 45.5, and Firef...

9.8CVSS7.4AI score0.0322EPSS
Exploits0References5
OSV
OSV
added 2016/09/22 12:0 a.m.4 views

UBUNTU-CVE-2016-5274

Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model...

9.8CVSS7.7AI score0.04091EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/06/08 5:0 p.m.7 views

Mozilla: Addressbar spoofing though the SELECT element (MFSA 2016-52)

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the address bar via a SELECT element with a persistent menu...

6.5CVSS7.4AI score0.02034EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/03/16 5:36 p.m.9 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...

8.8CVSS7.8AI score0.02923EPSS
Exploits0References5
OSV
OSV
added 2016/03/13 6:59 p.m.2 views

CVE-2016-1972

Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...

8.8CVSS7.4AI score0.01906EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.4 views

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...

8.8CVSS7.7AI score0.03868EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.4 views

Mozilla: Use-after-free when using multiple WebRTC data channels (MFSA 2016-25)

Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections...

10CVSS7.8AI score0.0597EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/03/09 5:11 a.m.9 views

Mozilla: Displayed page address can be overridden (MFSA 2016-21)

browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL...

4.3CVSS7.4AI score0.02235EPSS
Exploits0References5
CNVD
CNVD
added 2016/02/02 12:0 a.m.6 views

Mozilla Firefox Denial of Service Vulnerability (CNVD-2016-00848)

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the nsZipArchive function in versions of Mozilla Firefox prior to 44.0. A remote attacker could exploit this vulnerability to cause a denial of service with t...

9.3CVSS8.4AI score0.0297EPSS
Exploits0References1
Rows per page
Query Builder