Information on source package firefox

Available versions

| Release | Version |
| --- | --- |
| sid | 123.0.1-1 |

Open unimportant issues

| Bug | sid | Description |
| --- | --- | --- |
| CVE-2023-5217 | vulnerable | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ... |
| CVE-2019-12383 | vulnerable | Tor Browser before 8.0.1 has an information exposure vulnerability. It ... |
| CVE-2005-4685 | vulnerable | Firefox and Mozilla can associate a cookie with multiple domains when ... |
| CVE-2005-2395 | vulnerable | Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ... |
| CVE-2004-1639 | vulnerable | Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows re ... |

Resolved issues

BugDescription
CVE-2024-26283An attacker could have executed unauthorized scripts on top origin sit ...
CVE-2024-26282Using an AMP url with a canonical element, an attacker could have exec ...
CVE-2024-26281Upon scanning a JavaScript URI with the QR code scanner, an attacker c ...
CVE-2024-1557Memory safety bugs present in Firefox 122. Some of these bugs showed e ...
CVE-2024-1556The incorrect object was checked for NULL in the built-in profiler, po ...
CVE-2024-1555When opening a website using the `firefox://` protocol handler, SameSi ...
CVE-2024-1554The `fetch()` API and navigation incorrectly shared the same cache, as ...
CVE-2024-1553Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thun ...
CVE-2024-1552Incorrect code generation could have led to unexpected numeric convers ...
CVE-2024-1551Set-Cookie response headers were being incorrectly honored in multipar ...
CVE-2024-1550A malicious website could have used a combination of exiting fullscree ...
CVE-2024-1549If a website set a large custom cursor, portions of the cursor could h ...
CVE-2024-1548A website could have obscured the fullscreen notification by using a d ...
CVE-2024-1547Through a series of API calls and redirects, an attacker-controlled al ...
CVE-2024-1546When storing and re-accessing data on a networking channel, the length ...
CVE-2024-0953When a user scans a QR Code with the QR Code Scanner feature, the user ...
CVE-2024-0755Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thun ...
CVE-2024-0754Some WASM source files could have caused a crash when loaded in devtoo ...
CVE-2024-0753In specific HSTS configurations an attacker could have bypassed HSTS o ...
CVE-2024-0752A use-after-free crash could have occurred on macOS if a Firefox updat ...
CVE-2024-0751A malicious devtools extension could have been used to escalate privil ...
CVE-2024-0750A bug in popup notifications delay calculation could have made it poss ...
CVE-2024-0749A phishing site could have repurposed an `about:` dialog to show phish ...
CVE-2024-0748A compromised content process could have updated the document URI. Thi ...
CVE-2024-0747When a parent page loaded a child in an iframe with `unsafe-inline`, t ...
CVE-2024-0746A Linux user opening the print preview dialog could have caused the br ...
CVE-2024-0745The WebAudio `OscillatorNode` object was susceptible to a stack buffer ...
CVE-2024-0744In some circumstances, JIT compiled code could have dereferenced a wil ...
CVE-2024-0743An unchecked return value in TLS handshake code could have caused a po ...
CVE-2024-0742It was possible for certain browser prompts and dialogs to be activate ...
CVE-2024-0741An out of bounds write in ANGLE could have allowed an attacker to corr ...
CVE-2023-49061An attacker could have performed HTML template injection via Reader Mo ...
CVE-2023-49060An attacker could have accessed internal pages or data by ex-filtratin ...
CVE-2023-37456The session restore helper crashed whenever there was no parameter sen ...
CVE-2023-37455The permission request prompt from the site in the background tab was ...
CVE-2023-37212Memory safety bugs present in Firefox 114. Some of these bugs showed e ...
CVE-2023-37211Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thu ...
CVE-2023-37210A website could prevent a user from exiting full-screen mode via alert ...
CVE-2023-37209A use-after-free condition existed in `NotifyOnHistoryReload` where a ...
CVE-2023-37208When opening Diagcab files, Firefox did not warn the user that these f ...
CVE-2023-37207A website could have obscured the fullscreen notification by using a U ...
CVE-2023-37206Uploading files which contain symlinks may have allowed an attacker to ...
CVE-2023-37205The use of RTL Arabic characters in the address bar may have allowed f ...
CVE-2023-37204A website could have obscured the fullscreen notification by using an ...
CVE-2023-37203Insufficient validation in the Drag and Drop API in conjunction with s ...
CVE-2023-37202Cross-compartment wrappers wrapping a scripted proxy could have caused ...
CVE-2023-37201An attacker could have triggered a use-after-free condition when creat ...
CVE-2023-34417Memory safety bugs present in Firefox 113. Some of these bugs showed e ...
CVE-2023-34416Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thu ...
CVE-2023-34415When choosing a site-isolated process for a document loaded from a dat ...
CVE-2023-34414The error page for sites with invalid TLS certificates was missing the ...
CVE-2023-32216Memory safety bugs present in Firefox 112. Some of these bugs showed ...
CVE-2023-32215Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some ...
CVE-2023-32214Protocol handlers `ms-cxh` and `ms-cxh-full` could have been leveraged ...
CVE-2023-32213When reading a file, an uninitialized value could have been used as re ...
CVE-2023-32212An attacker could have positioned a <code>datalist</code> element to o ...
CVE-2023-32211A type checking bug would have led to invalid code being compiled. Thi ...
CVE-2023-32210Documents were incorrectly assuming an ordering of principal objects w ...
CVE-2023-32209A maliciously crafted favicon could have led to an out of memory crash ...
CVE-2023-32208Service workers could reveal script base URL due to dynamic `import()` ...
CVE-2023-32207A missing delay in popup notifications could have made it possible for ...
CVE-2023-32206An out-of-bound read could have led to a crash in the RLBox Expat driv ...
CVE-2023-32205In multiple cases browser prompts could have been obscured by popups c ...
CVE-2023-29551Memory safety bugs present in Firefox 111. Some of these bugs showed e ...
CVE-2023-29550Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some ...
CVE-2023-29549Under certain circumstances, a call to the <code>bind</code> function ...
CVE-2023-29548A wrong lowering instruction in the ARM64 Ion compiler resulted in a w ...
CVE-2023-29547When a secure cookie existed in the Firefox cookie jar an insecure coo ...
CVE-2023-29546When recording the screen while in Private Browsing on Firefox for And ...
CVE-2023-29545Similar to CVE-2023-28163, this time when choosing 'Save Link As', sug ...
CVE-2023-29544If multiple instances of resource exhaustion occurred at the incorrect ...
CVE-2023-29543An attacker could have caused memory corruption and a potentially expl ...
CVE-2023-29542A newline in a filename could have been used to bypass the file extens ...
CVE-2023-29541Firefox did not properly handle downloads of files ending in <code>.de ...
CVE-2023-29540Using a redirect embedded into <code>sourceMappingUrls</code> could al ...
CVE-2023-29539When handling the filename directive in the Content-Disposition header ...
CVE-2023-29538Under specific circumstances a WebExtension may have received a <code> ...
CVE-2023-29537Multiple race conditions in the font initialization could have led to ...
CVE-2023-29536An attacker could cause the memory manager to incorrectly free a point ...
CVE-2023-29535Following a Garbage Collector compaction, weak maps may have been acce ...
CVE-2023-29534Different techniques existed to obscure the fullscreen notification in ...
CVE-2023-29533A website could have obscured the fullscreen notification by using a c ...
CVE-2023-29532A local attacker can trick the Mozilla Maintenance Service into applyi ...
CVE-2023-29531An attacker could have caused an out of bounds memory access using Web ...
CVE-2023-28177Memory safety bugs present in Firefox 110. Some of these bugs showed e ...
CVE-2023-28176Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some ...
CVE-2023-28164Dragging a URL from a cross-origin iframe that was removed during the ...
CVE-2023-28163When downloading files through the Save As dialog on Windows with sugg ...
CVE-2023-28162While implementing AudioWorklets, some code may have casted one type t ...
CVE-2023-28161If temporary "one-time" permissions, such as the ability to use the Ca ...
CVE-2023-28160When following a redirect to a publicly accessible web extension file, ...
CVE-2023-28159The fullscreen notification could have been hidden on Firefox for Andr ...
CVE-2023-25752When accessing throttled streams, the count of available bytes needed ...
CVE-2023-25751Sometimes, when invalidating JIT code while following an iterator, the ...
CVE-2023-25750Under certain circumstances, a ServiceWorker's offline cache may have ...
CVE-2023-25749Android applications with unpatched vulnerabilities can be launched fr ...
CVE-2023-25748By displaying a prompt with a long description, the fullscreen notific ...
CVE-2023-25747A potential use-after-free in libaudio was fixed by disabling the AAud ...
CVE-2023-25745Memory safety bugs present in Firefox 109. Some of these bugs showed e ...
CVE-2023-25744Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some ...
CVE-2023-25743A lack of in app notification for entering fullscreen mode could have ...
CVE-2023-25742When importing a SPKI RSA public key as ECDSA P-256, the key would be ...
CVE-2023-25741When dragging and dropping an image cross-origin, the image's size cou ...
CVE-2023-25740After downloading a Windows <code>.scf</code> script from the local fi ...
CVE-2023-25739Module load requests that failed were not being checked as to whether ...
CVE-2023-25738Members of the <code>DEVMODEW</code> struct set by the printer device ...
CVE-2023-25737An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</ ...
CVE-2023-25736An invalid downcast from `nsHTMLDocument` to `nsIContent` could have l ...
CVE-2023-25735Cross-compartment wrappers wrapping a scripted proxy could have caused ...
CVE-2023-25734After downloading a Windows <code>.url</code> shortcut from the local ...
CVE-2023-25733The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being ver ...
CVE-2023-25732When encoding data from an <code>inputStream</code> in <code>xpcom</co ...
CVE-2023-25731Due to URL previews in the network panel of developer tools improperly ...
CVE-2023-25730A background script invoking <code>requestFullscreen</code> and then b ...
CVE-2023-25729Permission prompts for opening external schemes were only shown for <c ...
CVE-2023-25728The <code>Content-Security-Policy-Report-Only</code> header could allo ...
CVE-2023-23606Memory safety bugs present in Firefox 108. Some of these bugs showed e ...
CVE-2023-23605Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some ...
CVE-2023-23604A duplicate <code>SystemPrincipal</code> object could be created when ...
CVE-2023-23603Regular expressions used to filter out forbidden properties and values ...
CVE-2023-23602A mishandled security check when creating a WebSocket in a WebWorker c ...
CVE-2023-23601Navigations were being allowed when dragging a URL from a cross-origin ...
CVE-2023-23600Per origin notification permissions were being stored in a way that di ...
CVE-2023-23599When copying a network request from the developer tools panel as a cur ...
CVE-2023-23598Due to the Firefox GTK wrapper code's use of text/plain for drag data ...
CVE-2023-23597A compromised web child process could disable web security opening res ...
CVE-2023-6873Memory safety bugs present in Firefox 120. Some of these bugs showed e ...
CVE-2023-6872Browser tab titles were being leaked by GNOME to system logs. This cou ...
CVE-2023-6871Under certain conditions, Firefox did not display a warning when a use ...
CVE-2023-6870Applications which spawn a Toast notification in a background thread m ...
CVE-2023-6869A `&lt;dialog>` element could have been manipulated to paint content o ...
CVE-2023-6868In some instances, the user-agent would allow push requests which lack ...
CVE-2023-6867The timing of a button click causing a popup to disappear was approxim ...
CVE-2023-6866TypedArrays can be fallible and lacked proper exception handling. This ...
CVE-2023-6865`EncryptingOutputStream` was susceptible to exposing uninitialized dat ...
CVE-2023-6864Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thun ...
CVE-2023-6863The `ShutdownObserver()` was susceptible to potentially undefined beha ...
CVE-2023-6861The `nsWindow::PickerOpen(void)` method was susceptible to a heap buff ...
CVE-2023-6860The `VideoBridge` allowed any content process to use textures produced ...
CVE-2023-6859A use-after-free condition affected TLS socket creation when under mem ...
CVE-2023-6858Firefox was susceptible to a heap buffer overflow in `nsTextFragment` ...
CVE-2023-6857When resolving a symlink, a race may occur where the buffer passed to ...
CVE-2023-6856The WebGL `DrawElementsInstanced` method was susceptible to a heap buf ...
CVE-2023-6213Memory safety bugs present in Firefox 119. Some of these bugs showed e ...
CVE-2023-6212Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thun ...
CVE-2023-6211If an attacker needed a user to load an insecure http: page and knew t ...
CVE-2023-6210When an https: web page created a pop-up from a "javascript:" URL, tha ...
CVE-2023-6209Relative URLs starting with three slashes were incorrectly parsed, and ...
CVE-2023-6208When using X11, text selected by the page using the Selection API was ...
CVE-2023-6207Ownership mismanagement led to a use-after-free in ReadableByteStreams ...
CVE-2023-6206The black fade animation when exiting fullscreen is roughly the length ...
CVE-2023-6205It was possible to cause the use of a MessagePort after it had already ...
CVE-2023-6204On some systems\u2014depending on the graphics settings and drivers\u2 ...
CVE-2023-6135Multiple NSS NIST curves were susceptible to a side-channel attack kno ...
CVE-2023-5758When opening a page in reader mode, the redirect URL could have caused ...
CVE-2023-5731Memory safety bugs present in Firefox 118. Some of these bugs showed e ...
CVE-2023-5730Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thun ...
CVE-2023-5729A malicious web site can enter fullscreen mode while simultaneously tr ...
CVE-2023-5728During garbage collection extra operations were performed on a object ...
CVE-2023-5727The executable file warning was not presented when downloading .msix, ...
CVE-2023-5726A website could have obscured the full screen notification by using th ...
CVE-2023-5725A malicious installed WebExtension could open arbitrary URLs, which un ...
CVE-2023-5724Drivers are not always robust to extremely large draw calls and in som ...
CVE-2023-5723An attacker with temporary script access to a site could have set a co ...
CVE-2023-5722Using iterative requests an attacker was able to learn the size of an ...
CVE-2023-5721It was possible for certain browser prompts and dialogs to be activate ...
CVE-2023-5176Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thun ...
CVE-2023-5175During process shutdown, it was possible that an `ImageBitmap` was cre ...
CVE-2023-5174If Windows failed to duplicate a handle during process creation, the s ...
CVE-2023-5173In a non-standard configuration of Firefox, an integer overflow could ...
CVE-2023-5172A hashtable in the Ion Engine could have been mutated while there was ...
CVE-2023-5171During Ion compilation, a Garbage Collection could have resulted in a ...
CVE-2023-5170In canvas rendering, a compromised content process could have caused a ...
CVE-2023-5169A compromised content process could have provided malicious data in a ...
CVE-2023-5168A compromised content process could have provided malicious data to `F ...
CVE-2023-4863Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.1 ...
CVE-2023-4585Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thun ...
CVE-2023-4584Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ...
CVE-2023-4583When checking if the Browsing Context had been discarded in `HttpBaseC ...
CVE-2023-4582Due to large allocation checks in Angle for glsl shaders being too len ...
CVE-2023-4581Excel `.xll` add-in files did not have a blocklist entry in Firefox's ...
CVE-2023-4580Push notifications stored on disk in private browsing mode were not be ...
CVE-2023-4579Search queries in the default search engine could appear to have been ...
CVE-2023-4578When calling `JS::CheckRegExpSyntax` a Syntax Error could have been se ...
CVE-2023-4577When `UpdateRegExpStatics` attempted to access `initialStringHeap` it ...
CVE-2023-4576On Windows, an integer overflow could occur in `RecordedSourceSurfaceC ...
CVE-2023-4575When creating a callback over IPC for showing the File Picker window, ...
CVE-2023-4574When creating a callback over IPC for showing the Color Picker window, ...
CVE-2023-4573When receiving rendering data over IPC `mStream` could have been destr ...
CVE-2023-4058Memory safety bugs present in Firefox 115. Some of these bugs showed e ...
CVE-2023-4057Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thun ...
CVE-2023-4056Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ...
CVE-2023-4055When the number of cookies per domain was exceeded in `document.cookie ...
CVE-2023-4054When opening appref-ms files, Firefox did not warn the user that these ...
CVE-2023-4053A website could have obscured the full screen notification by using a ...
CVE-2023-4052The Firefox updater created a directory writable by non-privileged use ...
CVE-2023-4051A website could have obscured the full screen notification by using th ...
CVE-2023-4050In some cases, an untrusted input stream was copied to a stack buffer ...
CVE-2023-4049Race conditions in reference counting code were found through code ins ...
CVE-2023-4048An out-of-bounds read could have led to an exploitable crash when pars ...
CVE-2023-4047A bug in popup notifications delay calculation could have made it poss ...
CVE-2023-4046In some circumstances, a stale value could have been used for a global ...
CVE-2023-4045Offscreen Canvas did not properly track cross-origin tainting, which c ...
CVE-2023-3600During the worker lifecycle, a use-after-free condition could have occ ...
CVE-2023-3482When Firefox is configured to block storage of all cookies, it was sti ...
CVE-2023-1999There exists a use after free/double free in libwebp. An attacker can ...
CVE-2023-0767An attacker could construct a PKCS 12 cert bundle in such a way that c ...
CVE-2022-46885Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzin ...
CVE-2022-46884A potential use-after-free vulnerability existed in SVG Images if the ...
CVE-2022-46883Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight a ...
CVE-2022-46882A use-after-free in WebGL extensions could have led to a potentially e ...
CVE-2022-46881An optimization in WebGL was incorrect in some cases, and could have l ...
CVE-2022-46880A missing check related to tex units could have led to a use-after-fre ...
CVE-2022-46879Mozilla developers and community members Lukas Bernhard, Gabriele Svel ...
CVE-2022-46878Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the ...
CVE-2022-46877By confusing the browser, the fullscreen notification could have been ...
CVE-2022-46875The executable file warning was not presented when downloading .atloc ...
CVE-2022-46874A file with a long filename could have had its filename truncated to r ...
CVE-2022-46873Because Firefox did not implement the <code>unsafe-hashes</code> CSP d ...
CVE-2022-46872An attacker who compromised a content process could have partially esc ...
CVE-2022-46871An out of date library (libusrsctp) contained vulnerabilities that cou ...
CVE-2022-45421Mozilla developers Andrew McCreight and Gabriele Svelto reported memor ...
CVE-2022-45420Use tables inside of an iframe, an attacker could have caused iframe c ...
CVE-2022-45419If the user added a security exception for an invalid TLS certificate, ...
CVE-2022-45418If a custom mouse cursor is specified in CSS, under certain circumstan ...
CVE-2022-45417Service Workers did not detect Private Browsing Mode correctly in all ...
CVE-2022-45416Keyboard events reference strings like "KeyA" that were at fixed, know ...
CVE-2022-45415When downloading an HTML file, if the title of the page was formatted ...
CVE-2022-45413Using the <code>S.browser_fallback_url parameter</code> parameter, an ...
CVE-2022-45412When resolving a symlink such as <code>file:///proc/self/fd/1</code>, ...
CVE-2022-45411Cross-Site Tracing occurs when a server will echo a request back via t ...
CVE-2022-45410When a ServiceWorker intercepted a request with <code>FetchEvent</code ...
CVE-2022-45409The garbage collector could have been aborted in several states and zo ...
CVE-2022-45408Through a series of popups that reuse windowName, an attacker can caus ...
CVE-2022-45407If an attacker loaded a font using <code>FontFace()</code> on a backgr ...
CVE-2022-45406If an out-of-memory condition occurred when creating a JavaScript glob ...
CVE-2022-45405Freeing arbitrary <code>nsIInputStream</code>'s on a different thread ...
CVE-2022-45404Through a series of popup and <code>window.print()</code> calls, an at ...
CVE-2022-45403Service Workers should not be able to infer information about opaque c ...
CVE-2022-42932Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported m ...
CVE-2022-42931Logins saved by Firefox should be managed by the Password Manager comp ...
CVE-2022-42930If two Workers were simultaneously initializing their CacheStorage, a ...
CVE-2022-42929If a website called `window.print()` in a particular way, it could cau ...
CVE-2022-42928Certain types of allocations were missing annotations that, if the Gar ...
CVE-2022-42927A same-origin policy violation could have allowed the theft of cross-o ...
CVE-2022-40962Mozilla developers Nika Layzell, Timothy Nikkel, Sebastian Hengst, And ...
CVE-2022-40961During startup, a graphics driver with an unexpected name could lead t ...
CVE-2022-40960Concurrent use of the URL parser with non-UTF-8 data was not thread-sa ...
CVE-2022-40959During iframe navigation, certain pages did not have their FeaturePoli ...
CVE-2022-40958By injecting a cookie with certain special characters, an attacker on ...
CVE-2022-40957Inconsistent data in instruction and data cache when creating wasm cod ...
CVE-2022-40956When injecting an HTML base element, some requests would ignore the CS ...
CVE-2022-38478Members the Mozilla Fuzzing Team reported memory safety bugs present i ...
CVE-2022-38477Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported m ...
CVE-2022-38475An attacker could have written a value to the first element in a zero- ...
CVE-2022-38474A website that had permission to access the microphone could record au ...
CVE-2022-38473A cross-origin iframe referencing an XSLT document would inherit the p ...
CVE-2022-38472An attacker could have abused XSLT error handling to associate attacke ...
CVE-2022-36320Mozilla developers and the Mozilla Fuzzing Team reported memory safety ...
CVE-2022-36319When combining CSS properties for overflow and transform, the mouse cu ...
CVE-2022-36318When visiting directory listings for `chrome://` URLs as source text, ...
CVE-2022-36317When visiting a website with an overly long URL, the user interface wo ...
CVE-2022-36316When using the Performance API, an attacker was able to notice subtle ...
CVE-2022-36315When loading a script with Subresource Integrity, attackers with an in ...
CVE-2022-36314When opening a Windows shortcut from the local filesystem, an attacker ...
CVE-2022-34485Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team r ...
CVE-2022-34484The Mozilla Fuzzing Team reported potential vulnerabilities present in ...
CVE-2022-34483An attacker who could have convinced a user to drag and drop an image ...
CVE-2022-34482An attacker who could have convinced a user to drag and drop an image ...
CVE-2022-34481In the <code>nsTArray_Impl::ReplaceElementsAt()</code> function, an in ...
CVE-2022-34480Within the <code>lg_init()</code> function, if several allocations suc ...
CVE-2022-34479A malicious website that could create a popup could have resized the p ...
CVE-2022-34478The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</co ...
CVE-2022-34477The MediaError message property should be consistent to avoid leaking ...
CVE-2022-34476ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP cou ...
CVE-2022-34475SVG <code>&lt;use&gt;</code> tags that referenced a same-origin docume ...
CVE-2022-34474Even when an iframe was sandboxed with <code>allow-top-navigation-by-u ...
CVE-2022-34473The HTML Sanitizer should have sanitized the <code>href</code> attribu ...
CVE-2022-34472If there was a PAC URL set and the server that hosts the PAC was not r ...
CVE-2022-34471When downloading an update for an addon, the downloaded addon update's ...
CVE-2022-34470Session history navigations may have led to a use-after-free and poten ...
CVE-2022-34469When a TLS Certificate error occurs on a domain protected by the HSTS ...
CVE-2022-34468An iframe that was not permitted to run scripts could do so if the use ...
CVE-2022-31748Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon ...
CVE-2022-31747Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozil ...
CVE-2022-31746Internal URLs are protected by a secret UUID key, which could have bee ...
CVE-2022-31745If array shift operations are not used, the Garbage Collector may have ...
CVE-2022-31744An attacker could have injected CSS into stylesheets accessible via in ...
CVE-2022-31743Firefox's HTML parser did not correctly interpret HTML comment tags, r ...
CVE-2022-31742An attacker could have exploited a timing attack by sending a large nu ...
CVE-2022-31741A crafted CMS message could have been processed incorrectly, leading t ...
CVE-2022-31740On arm64, WASM code could have resulted in incorrect assembly generati ...
CVE-2022-31739When downloading files on Windows, the % character was not escaped, wh ...
CVE-2022-31738When exiting fullscreen mode, an iframe could have confused the browse ...
CVE-2022-31737A malicious webpage could have caused an out-of-bounds write in WebGL, ...
CVE-2022-31736A malicious website could have learned the size of a cross-origin reso ...
CVE-2022-29918Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzz ...
CVE-2022-29917Mozilla developers Andrew McCreight, Gabriele Svelto, Tom Ritter and t ...
CVE-2022-29916Firefox behaved slightly differently for already known resources when ...
CVE-2022-29915The Performance API did not properly hide the fact whether a request c ...
CVE-2022-29914When reusing existing popups Firefox would have allowed them to cover ...
CVE-2022-29912Requests initiated through reader mode did not properly omit cookies w ...
CVE-2022-29911An improper implementation of the new iframe sandbox keyword <code>all ...
CVE-2022-29910When closed or sent to the background, Firefox for Android would not p ...
CVE-2022-29909Documents in deeply-nested cross-origin browsing contexts could have o ...
CVE-2022-28289Mozilla developers and community members Nika Layzell, Andrew McCreigh ...
CVE-2022-28288Mozilla developers and community members Randell Jesup, Sebastian Heng ...
CVE-2022-28287In unusual circumstances, selecting text could cause text selection ca ...
CVE-2022-28286Due to a layout change, iframe contents could have been rendered outsi ...
CVE-2022-28285When generating the assembly code for <code>MLoadTypedArrayElementHole ...
CVE-2022-28284SVG's <code>&lt;use&gt;</code> element could have been used to load un ...
CVE-2022-28283The sourceMapURL feature in devtools was missing security checks that ...
CVE-2022-28282By using a link with <code>rel="localization"</code> a use-after-free ...
CVE-2022-28281If a compromised content process sent an unexpected number of WebAuthN ...
CVE-2022-26486An unexpected message in the WebGPU IPC framework could lead to a use- ...
CVE-2022-26485Removing an XSLT parameter during processing could have lead to an exp ...
CVE-2022-26387When installing an add-on, Firefox verified the signature before promp ...
CVE-2022-26385In unusual circumstances, an individual thread may outlive the thread' ...
CVE-2022-26384If an attacker could control the contents of an iframe sandboxed with ...
CVE-2022-26383When resizing a popup after requesting fullscreen access, the popup wo ...
CVE-2022-26382While the text displayed in Autofill tooltips cannot be directly read ...
CVE-2022-26381An attacker could have caused a use-after-free by forcing a text reflo ...
CVE-2022-24713regex is an implementation of regular expressions for the Rust languag ...
CVE-2022-22764Mozilla developers Paul Adenot and the Mozilla Fuzzing Team reported m ...
CVE-2022-22762Under certain circumstances, a JavaScript alert (or prompt) could have ...
CVE-2022-22761Web-accessible extension pages (pages with a moz-extension:// scheme) ...
CVE-2022-22760When importing resources using Web Workers, error messages would disti ...
CVE-2022-22759If a document created a sandboxed iframe without <code>allow-scripts</ ...
CVE-2022-22758When clicking on a tel: link, USSD codes, specified after a <code>\*</ ...
CVE-2022-22757Remote Agent, used in WebDriver, did not validate the Host or Origin h ...
CVE-2022-22756If a user was convinced to drag and drop an image to their desktop or ...
CVE-2022-22755By using XSL Transforms, a malicious webserver could have served a use ...
CVE-2022-22754If a user installed an extension of a particular type, the extension c ...
CVE-2022-22753A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) S ...
CVE-2022-22752Mozilla developers Christian Holler and Jason Kratzer reported memory ...
CVE-2022-22751Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, J ...
CVE-2022-22750By generally accepting and passing resource handles across processes, ...
CVE-2022-22749When scanning QR codes, Firefox for Android would have allowed navigat ...
CVE-2022-22748Malicious websites could have confused Firefox into showing the wrong ...
CVE-2022-22747After accepting an untrusted certificate, handling an empty pkcs7 sequ ...
CVE-2022-22746A race condition could have allowed bypassing the fullscreen notificat ...
CVE-2022-22745Securitypolicyviolation events could have leaked cross-origin informat ...
CVE-2022-22744The constructed curl command from the "Copy as curl" feature in DevToo ...
CVE-2022-22743When navigating from inside an iframe while requesting fullscreen acce ...
CVE-2022-22742When inserting text while in edit mode, some characters might have lea ...
CVE-2022-22741When resizing a popup while requesting fullscreen access, the popup wo ...
CVE-2022-22740Certain network request objects were freed too early when releasing a ...
CVE-2022-22739Malicious websites could have tricked users into accepting launching a ...
CVE-2022-22738Applying a CSS filter effect could have accessed out of bounds memory. ...
CVE-2022-22737Constructing audio sinks could have lead to a race condition when play ...
CVE-2022-22736If Firefox was installed to a world-writable directory, a local privil ...
CVE-2022-3266An out-of-bounds read can occur when decoding H264 video. This results ...
CVE-2022-2505Mozilla developers and the Mozilla Fuzzing Team reported memory safety ...
CVE-2022-2205
CVE-2022-2200If an object prototype was corrupted by an attacker, they would have b ...
CVE-2022-1919Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allow ...
CVE-2022-1887The search term could have been specified externally to trigger SQL in ...
CVE-2022-1802If an attacker was able to corrupt the methods of an Array object in J ...
CVE-2022-1529An attacker could have sent a message to the parent process where the ...
CVE-2022-1097`NSSToken` objects were referenced via direct points, and c ...
CVE-2022-0843Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup ...
CVE-2022-0511Mozilla developers and community members Gabriele Svelto, Sebastian He ...
CVE-2021-43546It was possible to recreate previous cursor spoofing attacks against u ...
CVE-2021-43545Using the Location API in a loop could have caused severe application ...
CVE-2021-43544When receiving a URL through a SEND intent, Firefox would have searche ...
CVE-2021-43543Documents loaded with the CSP sandbox directive could have escaped the ...
CVE-2021-43542Using XMLHttpRequest, an attacker could have identified installed appl ...
CVE-2021-43541When invoking protocol handlers for external protocols, a supplied par ...
CVE-2021-43540WebExtensions with the correct permissions were able to create and ins ...
CVE-2021-43539Failure to correctly record the location of live pointers across wasm ...
CVE-2021-43538By misusing a race in our notification code, an attacker could have fo ...
CVE-2021-43537An incorrect type conversion of sizes from 64bit to 32bit integers all ...
CVE-2021-43536Under certain circumstances, asynchronous functions could have caused ...
CVE-2021-43535A use-after-free could have occurred when an HTTP2 session object was r ...
CVE-2021-43534Mozilla developers and community members reported memory safety bugs p ...
CVE-2021-43533When parsing internationalized domain names, high bits of the characte ...
CVE-2021-43532The 'Copy Image Link' context menu action would copy the final image U ...
CVE-2021-43531When a user loaded a Web Extensions context menu, the Web Extension co ...
CVE-2021-43530A Universal XSS vulnerability was present in Firefox for Android resul ...
CVE-2021-38510The executable file warning was not presented when downloading .inetlo ...
CVE-2021-38509Due to an unusual sequence of attacker-controlled events, a Javascript ...
CVE-2021-38508By displaying a form validity message in the correct location at the s ...
CVE-2021-38507The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a conn ...
CVE-2021-38506Through a series of navigations, Firefox could have entered fullscreen ...
CVE-2021-38505Microsoft introduced a new feature in Windows 10 known as Cloud Clipbo ...
CVE-2021-38504When interacting with an HTML input element's file picker dialog with ...
CVE-2021-38503The iframe sandbox rules were not correctly applied to XSLT stylesheet ...
CVE-2021-38501Mozilla developers reported memory safety bugs present in Firefox 92 a ...
CVE-2021-38500Mozilla developers reported memory safety bugs present in Firefox 92 a ...
CVE-2021-38499Mozilla developers reported memory safety bugs present in Firefox 92. ...
CVE-2021-38498During process shutdown, a document could have caused a use-after-free ...
CVE-2021-38497Through use of reportValidity() and window.open(), a plain-text valida ...
CVE-2021-38496During operations on MessageTasks, a task may have been removed while ...
CVE-2021-38494Mozilla developers reported memory safety bugs present in Firefox 91. ...
CVE-2021-38493Mozilla developers reported memory safety bugs present in Firefox 91 a ...
CVE-2021-38492When delegating navigations to the operating system, Firefox would acc ...
CVE-2021-38491Mixed-content checks were unable to analyze opaque origins which led t ...
CVE-2021-32810crossbeam-deque is a package of work-stealing deques for building task ...
CVE-2021-30547Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 a ...
CVE-2021-29993Firefox for Android allowed navigations through the `intent://` protoc ...
CVE-2021-29991Firefox incorrectly accepted a newline in a HTTP/3 header, interpretti ...
CVE-2021-29990Mozilla developers and community members reported memory safety bugs p ...
CVE-2021-29989Mozilla developers reported memory safety bugs present in Firefox 90 a ...
CVE-2021-29988Firefox incorrectly treated an inline list-item element as a block ele ...
CVE-2021-29987After requesting multiple permissions, and closing the first permissio ...
CVE-2021-29986A suspected race condition when calling getaddrinfo led to memory corr ...
CVE-2021-29985A use-after-free vulnerability in media channels could have led to mem ...
CVE-2021-29984Instruction reordering resulted in a sequence of instructions that wou ...
CVE-2021-29983Firefox for Android could get stuck in fullscreen mode and not exit it ...
CVE-2021-29982Due to incorrect JIT optimization, we incorrectly interpreted data fro ...
CVE-2021-29981An issue present in lowering/register allocation could have led to obs ...
CVE-2021-29980Uninitialized memory in a canvas object could have caused an incorrect ...
CVE-2021-29977Mozilla developers reported memory safety bugs present in Firefox 89. ...
CVE-2021-29976Mozilla developers reported memory safety bugs present in code shared ...
CVE-2021-29975Through a series of DOM manipulations, a message, over which the attac ...
CVE-2021-29974When network partitioning was enabled, e.g. as a result of Enhanced Tr ...
CVE-2021-29973Password autofill was enabled without user interaction on insecure web ...
CVE-2021-29972A use-after-free vulnerability was found via testing, and traced to an ...
CVE-2021-29971If a user had granted a permission to a webpage and saved that grant, ...
CVE-2021-29970A malicious webpage could have triggered a use-after-free, memory corr ...
CVE-2021-29968When drawing text onto a canvas with WebRender disabled, an out of bou ...
CVE-2021-29967Mozilla developers reported memory safety bugs present in Firefox 88 a ...
CVE-2021-29966Mozilla developers reported memory safety bugs present in Firefox 88. ...
CVE-2021-29965A malicious website that causes an HTTP Authentication dialog to be sp ...
CVE-2021-29964A locally-installed hostile program could send `WM_COPYDATA` messages ...
CVE-2021-29963Address bar search suggestions in private browsing mode were re-using ...
CVE-2021-29962Firefox for Android would become unstable and hard-to-recover when a w ...
CVE-2021-29961When styling and rendering an oversized `<select>` element, Firefox di ...
CVE-2021-29960Firefox used to cache the last filename used for printing a file. When ...
CVE-2021-29959When a user has already allowed a website to access microphone and cam ...
CVE-2021-29958When a download was initiated, the client did not check whether it was ...
CVE-2021-29955A transient execution vulnerability, named Floating Point Value Inject ...
CVE-2021-29953A malicious webpage could have forced a Firefox for Android user into ...
CVE-2021-29952When Web Render components were destructed, a race condition could hav ...
CVE-2021-29947Mozilla developers and community members reported memory safety bugs p ...
CVE-2021-29946Ports that were written as an integer overflow above the bounds of a 1 ...
CVE-2021-29945The WebAssembly JIT could miscalculate the size of a return type, whic ...
CVE-2021-29944Lack of escaping allowed HTML injection when a webpage was viewed in R ...
CVE-2021-24002When a user clicked on an FTP URL containing encoded newline character ...
CVE-2021-24001A compromised content process could have performed session history man ...
CVE-2021-24000A race condition with requestPointerLock() and setTimeout() could have ...
CVE-2021-23999If a Blob URL was loaded through some unusual user interaction, it cou ...
CVE-2021-23998Through complicated navigations with new windows, an HTTP page could h ...
CVE-2021-23997Due to unexpected data type conversions, a use-after-free could have o ...
CVE-2021-23996By utilizing 3D CSS in conjunction with Javascript, content could have ...
CVE-2021-23995When Responsive Design Mode was enabled, it used references to objects ...
CVE-2021-23994A WebGL framebuffer was not initialized early enough, resulting in mem ...
CVE-2021-23988Mozilla developers reported memory safety bugs present in Firefox 86. ...
CVE-2021-23987Mozilla developers and community members reported memory safety bugs p ...
CVE-2021-23986A malicious extension with the 'search' permission could have installe ...
CVE-2021-23985If an attacker is able to alter specific about:config values (for exam ...
CVE-2021-23984A malicious extension could have opened a popup window lacking an addr ...
CVE-2021-23983By causing a transition on a parent node by removing a CSS rule, an in ...
CVE-2021-23982Using techniques that built on the slipstream research, a malicious we ...
CVE-2021-23981A texture upload of a Pixel Buffer Object could have confused the WebG ...
CVE-2021-23979Mozilla developers reported memory safety bugs present in Firefox 85. ...
CVE-2021-23978Mozilla developers reported memory safety bugs present in Firefox 85 a ...
CVE-2021-23977Firefox for Android suffered from a time-of-check-time-of-use vulnerab ...
CVE-2021-23976When accepting a malicious intent from other installed apps, Firefox f ...
CVE-2021-23975The developer page about:memory has a Measure function for exploring w ...
CVE-2021-23974The DOMParser API did not properly process '<noscript>' elements for e ...
CVE-2021-23973When trying to load a cross-origin resource in an audio/video context ...
CVE-2021-23972One phishing tactic on the web is to provide a link with HTTP Auth. Fo ...
CVE-2021-23971When processing a redirect with a conflicting Referrer-Policy, Firefox ...
CVE-2021-23970Context-specific code was included in a shared jump table; resulting i ...
CVE-2021-23969As specified in the W3C Content Security Policy draft, when creating a ...
CVE-2021-23968If Content Security Policy blocked frame navigation, the full destinat ...
CVE-2021-23965Mozilla developers reported memory safety bugs present in Firefox 84. ...
CVE-2021-23964Mozilla developers reported memory safety bugs present in Firefox 84 a ...
CVE-2021-23963When sharing geolocation during an active WebRTC share, Firefox could ...
CVE-2021-23962Incorrect use of the '<RowCountChanged>' method could have led to a us ...
CVE-2021-23961Further techniques that built on the slipstream research combined with ...
CVE-2021-23960Performing garbage collection on re-declared JavaScript variables resu ...
CVE-2021-23959An XSS bug in internal error pages could have led to various spoofing ...
CVE-2021-23958The browser could have been confused into transferring a screen sharin ...
CVE-2021-23957Navigations through the Android-specific `intent` URL scheme could hav ...
CVE-2021-23956An ambiguous file picker design could have confused users who intended ...
CVE-2021-23955The browser could have been confused into transferring a pointer lock ...
CVE-2021-23954Using the new logical assignment operators in a JavaScript switch stat ...
CVE-2021-23953If a user clicked into a specifically crafted PDF, the PDF reader coul ...
CVE-2021-4221If a domain name contained a RTL character, it would cause the domain ...
CVE-2021-4140It was possible to construct specific XSLT markup that would be able t ...
CVE-2021-4129Mozilla developers and community members Julian Hector, Randell Jesup, ...
CVE-2021-4128When transitioning in and out of fullscreen mode, a graphics object wa ...
CVE-2020-35114Mozilla developers reported memory safety bugs present in Firefox 83. ...
CVE-2020-35113Mozilla developers reported memory safety bugs present in Firefox 83 a ...
CVE-2020-35112If a user downloaded a file lacking an extension on Windows, and then ...
CVE-2020-35111When an extension with the proxy permission registered to receive <all ...
CVE-2020-26979When a user typed a URL in the address bar or the search bar and quick ...
CVE-2020-26978Using techniques that built on the slipstream research, a malicious we ...
CVE-2020-26977By attempting to connect a website using an unresponsive port, an atta ...
CVE-2020-26976When an HTTPS page was embedded in an HTTP page, and there was a servic ...
CVE-2020-26975When a malicious application installed on the user's device broadcast ...
CVE-2020-26974When flex-basis was used on a table wrapper, a StyleGenericFlexBasis o ...
CVE-2020-26973Certain input to the CSS Sanitizer confused it, resulting in incorrect ...
CVE-2020-26972The lifecycle of IPC Actors allows managed actors to outlive their man ...
CVE-2020-26971Certain blit values provided by the user were not properly constrained ...
CVE-2020-26969Mozilla developers reported memory safety bugs present in Firefox 82. ...
CVE-2020-26968Mozilla developers reported memory safety bugs present in Firefox 82 a ...
CVE-2020-26967When listening for page changes with a Mutation Observer, a malicious ...
CVE-2020-26966Searching for a single word from the address bar caused an mDNS reques ...
CVE-2020-26965Some websites have a feature "Show Password" where clicking a button w ...
CVE-2020-26964If the Remote Debugging via USB feature was enabled in Firefox for And ...
CVE-2020-26963Repeated calls to the history and location interfaces could have been ...
CVE-2020-26962Cross-origin iframes that contained a login form could have been recog ...
CVE-2020-26961When DNS over HTTPS is in use, it intentionally filters RFC1918 and re ...
CVE-2020-26960If the Compact() method was called on an nsTArray, the array could hav ...
CVE-2020-26959During browser shutdown, reference decrementing could have occurred on ...
CVE-2020-26958Firefox did not block execution of scripts with incorrect MIME types w ...
CVE-2020-26957OneCRL was non-functional in the new Firefox for Android due to a miss ...
CVE-2020-26956In some cases, removing HTML elements during sanitization would keep e ...
CVE-2020-26955When a user downloaded a file in Firefox for Android, if a cookie is s ...
CVE-2020-26954When accepting a malicious intent from other installed apps, Firefox f ...
CVE-2020-26953It was possible to cause the browser to enter fullscreen mode without ...
CVE-2020-26952Incorrect bookkeeping of functions inlined during JIT compilation coul ...
CVE-2020-26951A parsing and event loading mismatch in Firefox's SVG code could have ...
CVE-2020-26950In certain circumstances, the MCallGetProperty opcode can be emitted w ...
CVE-2020-16048Out of bounds read in ANGLE allowed a remote attacker to obtain sensit ...
CVE-2020-16044Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowe ...
CVE-2020-16042Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed ...
CVE-2020-16012Side-channel information leakage in graphics in Google Chrome prior to ...
CVE-2020-15969Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ...
CVE-2020-15684Mozilla developers reported memory safety bugs present in Firefox 81. ...
CVE-2020-15683Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-15682When a link to an external protocol was clicked, a prompt was presente ...
CVE-2020-15681When multiple WASM threads had a reference to a module, and were looki ...
CVE-2020-15680If a valid external protocol handler was referenced in an image tag, t ...
CVE-2020-15678When recursing through graphical layers while scrolling, an iterator m ...
CVE-2020-15677By exploiting an Open Redirect vulnerability on a website, an attacker ...
CVE-2020-15676Firefox sometimes ran the onload handler for SVG elements that the DOM ...
CVE-2020-15675When processing surfaces, the lifetime may outlive a persistent buffer ...
CVE-2020-15674Mozilla developers reported memory safety bugs present in Firefox 80. ...
CVE-2020-15673Mozilla developers reported memory safety bugs present in Firefox 80 a ...
CVE-2020-15671When typing in a password under certain conditions, a race may have oc ...
CVE-2020-15670Mozilla developers reported memory safety bugs present in Firefox for ...
CVE-2020-15668A lock was missing when accessing a data structure and importing certi ...
CVE-2020-15667When processing a MAR update file, after the signature has been valida ...
CVE-2020-15666When trying to load a non-video in an audio/video context the exact st ...
CVE-2020-15665Firefox did not reset the address bar after the beforeunload dialog wa ...
CVE-2020-15664By holding a reference to the eval() function from an about:blank wind ...
CVE-2020-15663If Firefox is installed to a user-writable directory, the Mozilla Main ...
CVE-2020-15662A rogue webpage could override the injected WKUserScript used by the d ...
CVE-2020-15661A rogue webpage could override the injected WKUserScript used by the l ...
CVE-2020-15659Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-15658The code for downloading files did not properly take care of special c ...
CVE-2020-15657Firefox could be made to load attacker-supplied DLL files from the ins ...
CVE-2020-15656JIT optimizations involving the Javascript arguments object could conf ...
CVE-2020-15655A redirected HTTP request which is observed or modified through a web ...
CVE-2020-15654When in an endless loop, a website specifying a custom cursor using CS ...
CVE-2020-15653An iframe sandbox element with the allow-popups flag could be bypassed ...
CVE-2020-15652By observing the stack trace for JavaScript errors in web workers, it ...
CVE-2020-15651A unicode RTL order character in the downloaded file name can be used ...
CVE-2020-15650Given an installed malicious file picker application, an attacker was ...
CVE-2020-15649Given an installed malicious file picker application, an attacker was ...
CVE-2020-15648Using object or embed tags, it was possible to frame other websites, e ...
CVE-2020-15647A Content Provider in Firefox for Android allowed local files accessib ...
CVE-2020-15254Crossbeam is a set of tools for concurrent programming. In crossbeam-c ...
CVE-2020-12426Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-12425Due to confusion processing a hyphen character in Date.parse(), a one- ...
CVE-2020-12424When constructing a permission prompt for WebRTC, a URI was supplied f ...
CVE-2020-12423When the Windows DLL "webauthn.dll" was missing from the Operating Sys ...
CVE-2020-12422In non-standard configurations, a JPEG image created by JavaScript cou ...
CVE-2020-12421When performing add-on updates, certificate chains terminating in non- ...
CVE-2020-12420When trying to connect to a STUN server, a race condition could have c ...
CVE-2020-12419When processing callbacks that occurred during window flushing in the ...
CVE-2020-12418Manipulating individual parts of a URL object could have caused an out ...
CVE-2020-12417Due to confusion about ValueTags on JavaScript Objects, an object may ...
CVE-2020-12416A VideoStreamEncoder may have been freed in a race condition with Vide ...
CVE-2020-12415When "%2F" was present in a manifest URL, Firefox's AppCache behavior ...
CVE-2020-12414IndexedDB should be cleared when leaving private browsing mode and it ...
CVE-2020-12412By navigating a tab using the history API, an attacker could cause the ...
CVE-2020-12411Mozilla developers reported memory safety bugs present in Firefox 76. ...
CVE-2020-12410Mozilla developers reported memory safety bugs present in Firefox 76 a ...
CVE-2020-12409When using certain blank characters in a URL, they were incorrectly r ...
CVE-2020-12408When browsing a document hosted on an IP address, an attacker could in ...
CVE-2020-12407Mozilla Developer Nicolas Silva found that when using WebRender, Firef ...
CVE-2020-12406Mozilla Developer Iain Ireland discovered a missing type check during ...
CVE-2020-12405When browsing a malicious page, a race condition in our SharedWorkerSe ...
CVE-2020-12404For native-to-JS bridging the app requires a unique token to be passed ...
CVE-2020-12401During ECDSA signature generation, padding applied in the nonce design ...
CVE-2020-12400When converting coordinates from projective to affine, the modular inv ...
CVE-2020-12399NSS has shown timing differences when performing DSA signatures, which ...
CVE-2020-12396Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-12395Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-12394A logic flaw in our location bar implementation could have allowed a l ...
CVE-2020-12393The 'Copy as cURL' feature of Devtools' network tab did not properly e ...
CVE-2020-12392The 'Copy as cURL' feature of Devtools' network tab did not properly e ...
CVE-2020-12391Documents formed using data: URLs in an OBJECT element failed to inher ...
CVE-2020-12390Incorrect origin serialization of URLs with IPv6 addresses could lead ...
CVE-2020-12389The Firefox content processes did not sufficiently lockdown access con ...
CVE-2020-12388The Firefox content processes did not sufficiently lockdown access con ...
CVE-2020-12387A race condition when running shutdown code for Web Worker led to a us ...
CVE-2020-6831A buffer overflow could occur when parsing and validating SCTP chunks ...
CVE-2020-6830For native-to-JS bridging, the app requires a unique token to be passe ...
CVE-2020-6829When performing EC scalar point multiplication, the wNAF point multipl ...
CVE-2020-6826Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis report ...
CVE-2020-6825Mozilla developers and community members Tyson Smith and Christian Hol ...
CVE-2020-6824Initially, a user opens a Private Browsing Window and generates a pass ...
CVE-2020-6823A malicious extension could have called browser.identity.launchW ...
CVE-2020-6822On 32-bit builds, an out of bounds write could have occurred when proc ...
CVE-2020-6821When reading from areas partially or fully outside the source resource ...
CVE-2020-6820Under certain conditions, when handling a ReadableStream, a race condi ...
CVE-2020-6819Under certain conditions, when running the nsDocShell destructor, a ra ...
CVE-2020-6815Mozilla developers reported memory safety and script safety bugs prese ...
CVE-2020-6814Mozilla developers reported memory safety bugs present in Firefox and ...
CVE-2020-6813When protecting CSS blocks with the nonce feature of Content Security ...
CVE-2020-6812The first time AirPods are connected to an iPhone, they become named a ...
CVE-2020-6811The 'Copy as cURL' feature of Devtools' network tab did not properly e ...
CVE-2020-6810After a website had entered fullscreen mode, it could have used a prev ...
CVE-2020-6809When a Web Extension had the all-urls permission and made a fetch requ ...
CVE-2020-6808When a JavaScript URL (javascript:) is evaluated and the result is a s ...
CVE-2020-6807When a device was changed while a stream was about to be destroyed, th ...
CVE-2020-6806By carefully crafting promise resolutions, it was possible to cause an ...
CVE-2020-6805When removing data about an origin whose tab was recently closed, a us ...
CVE-2020-6801Mozilla developers reported memory safety bugs present in Firefox 72. ...
CVE-2020-6800Mozilla developers and community members reported memory safety bugs p ...
CVE-2020-6799Command line arguments could have been injected during Firefox invocat ...
CVE-2020-6798If a template tag was used in a select tag, the parser could be confus ...
CVE-2020-6797By downloading a file with the .fileloc extension, a semi-privileged e ...
CVE-2020-6796A content process could have modified shared memory relating to crash ...
CVE-2020-6514Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ...
CVE-2020-6463Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowe ...
CVE-2019-25136A compromised child process could have injected XBL Bindings into priv ...
CVE-2019-20503usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ...
CVE-2019-17026Incorrect alias information in IonMonkey JIT compiler for setting arra ...
CVE-2019-17025Mozilla developers reported memory safety bugs present in Firefox 71. ...
CVE-2019-17024Mozilla developers reported memory safety bugs present in Firefox 71 a ...
CVE-2019-17023After a HelloRetryRequest has been sent, the client may negotiate a lo ...
CVE-2019-17022When pasting a <style> tag from the clipboard into a rich text e ...
CVE-2019-17021During the initialization of a new content process, a race condition o ...
CVE-2019-17020If an XML file is served with a Content Security Policy and the XML fi ...
CVE-2019-17019When Python was installed on Windows, a python file being served with ...
CVE-2019-17018When in Private Browsing Mode on Windows 10, the Windows keyboard may ...
CVE-2019-17017Due to a missing case handling object types, a type confusion vulnerab ...
CVE-2019-17016When pasting a <style> tag from the clipboard into a rich text e ...
CVE-2019-17015During the initialization of a new content process, a pointer offset c ...
CVE-2019-17014If an image had not loaded correctly (such as when it is not actually ...
CVE-2019-17013Mozilla developers reported memory safety bugs present in Firefox 70. ...
CVE-2019-17012Mozilla developers reported memory safety bugs present in Firefox 70 a ...
CVE-2019-17011Under certain conditions, when retrieving a document from a DocShell i ...
CVE-2019-17010Under certain conditions, when checking the Resist Fingerprinting pref ...
CVE-2019-17009When running, the updater service wrote status and log files to an unr ...
CVE-2019-17008When using nested workers, a use-after-free could occur during worker ...
CVE-2019-17005The plain text serializer used a fixed-size array for the number of <o ...
CVE-2019-17002If upgrade-insecure-requests was specified in the Content Security Pol ...
CVE-2019-17001A Content-Security-Policy that blocks in-line scripts could be bypasse ...
CVE-2019-17000An object tag with a data URI did not correctly inherit the document's ...
CVE-2019-15903In libexpat before 2.2.8, crafted XML input could fool the parser into ...
CVE-2019-13722Inappropriate implementation in WebRTC in Google Chrome prior to 79.0. ...
CVE-2019-13075Tor Browser through 8.5.3 has an information exposure vulnerability. I ...
CVE-2019-11765A compromised content process could send a message to the parent proce ...
CVE-2019-11764Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11763Failure to correctly handle null bytes when processing HTML entities r ...
CVE-2019-11762If two same-origin documents set document.domain differently to become ...
CVE-2019-11761By using a form with a data URI it was possible to gain access to the ...
CVE-2019-11760A fixed-size stack buffer could overflow in nrappkit when doing WebRTC ...
CVE-2019-11759An attacker could have caused 4 bytes of HMAC output to be written pas ...
CVE-2019-11757When following the value's prototype chain, it was possible to retain ...
CVE-2019-11756Improper refcounting of soft token session objects could cause a use-a ...
CVE-2019-11754When the pointer lock is enabled by a website through requestPointerLoc ...
CVE-2019-11753The Firefox installer allows Firefox to be installed to a custom user ...
CVE-2019-11752It is possible to delete an IndexedDB key value and subsequently try t ...
CVE-2019-11751Logging-related command line parameters are not properly sanitized whe ...
CVE-2019-11750A type confusion vulnerability exists in Spidermonkey, which results i ...
CVE-2019-11749A vulnerability exists in WebRTC where malicious web content can use p ...
CVE-2019-11748WebRTC in Firefox will honor persisted permissions given to sites for ...
CVE-2019-11747The "Forget about this site" feature in the History pane is intended t ...
CVE-2019-11746A use-after-free vulnerability can occur while manipulating video elem ...
CVE-2019-11744Some HTML elements, such as <title> and <textarea>, can co ...
CVE-2019-11743Navigation events were not fully adhering to the W3C's "Navigation-Tim ...
CVE-2019-11742A same-origin policy violation occurs allowing the theft of cross-orig ...
CVE-2019-11741A compromised sandboxed content process can perform a Universal Cross- ...
CVE-2019-11740Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11738If a Content Security Policy (CSP) directive is defined that uses a ha ...
CVE-2019-11737If a wildcard ('*') is specified for the host in Content Security Poli ...
CVE-2019-11736The Mozilla Maintenance Service does not guard against files being har ...
CVE-2019-11735Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11734Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11733When a master password is set, it is required to be entered again befo ...
CVE-2019-11730A vulnerability exists where if a user opens a locally saved HTML file ...
CVE-2019-11729Empty or malformed p256-ECDH public keys may trigger a segmentation fa ...
CVE-2019-11728The HTTP Alternative Services header, Alt-Svc, can be used by a malici ...
CVE-2019-11727A vulnerability exists where it is possible to force Network Security Ser ...
CVE-2019-11725When a user navigates to a site marked as unsafe by the Safebrowsing API ...
CVE-2019-11724Application permissions give additional remote troubleshooting permiss ...
CVE-2019-11723A vulnerability exists during the installation of add-ons where the in ...
CVE-2019-11721The unicode latin 'kra' character can be used to spoof a standard 'k' ...
CVE-2019-11720Some unicode characters are incorrectly treated as whitespace during t ...
CVE-2019-11719When importing a curve25519 private key in PKCS#8 format with leading 0 ...
CVE-2019-11718Activity Stream can display content sent from the Snippet Service ...
CVE-2019-11717A vulnerability exists where the caret ("^") character is improperly e ...
CVE-2019-11716Until explicitly accessed by script, window.globalThis is not enumerab ...
CVE-2019-11715Due to an error while parsing page content, it is possible for properl ...
CVE-2019-11714Necko can access a child on the wrong thread during UDP connections, r ...
CVE-2019-11713 A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/ ...
CVE-2019-11712 POST requests made by NPAPI plugins, such as Flash, that receive a sta ...
CVE-2019-11711 When an inner window is reused, it does not consider the use of docume ...
CVE-2019-11710 Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11709 Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-11708 Insufficient vetting of parameters passed with the Prompt:Open IPC mes ...
CVE-2019-11707 A type confusion vulnerability can occur when manipulating JavaScript ...
CVE-2019-11702 A hyperlink using protocols associated with Internet Explorer, such as ...
CVE-2019-11701 The default webcal: protocol handler will load a web site vulnerable t ...
CVE-2019-11700 A hyperlink using the res: protocol can be used to open local files at ...
CVE-2019-11699 A malicious page can briefly cause the wrong name to be highlighted as ...
CVE-2019-11698 If a crafted hyperlink is dragged and dropped to the bookmark bar or s ...
CVE-2019-11697 If the ALT and "a" keys are pressed when users receive an extension in ...
CVE-2019-11696 Files with the .JNLP extension used for "Java web start" applications ...
CVE-2019-11695 A custom cursor defined by scripting on a site can position itself ove ...
CVE-2019-11694 A vulnerability exists in the Windows sandbox where an uninitialized v ...
CVE-2019-11693 The bufferdata function in WebGL is vulnerable to a buffer overflow wi ...
CVE-2019-11692 A use-after-free vulnerability can occur when listeners are removed fr ...
CVE-2019-11691 A use-after-free vulnerability can occur when working with XMLHttpRequ ...
CVE-2019-9821 A use-after-free vulnerability can occur in AssertWorkerThread due to ...
CVE-2019-9820 A use-after-free vulnerability can occur in the chrome event handler w ...
CVE-2019-9819 A vulnerability where a JavaScript compartment mismatch can occur whil ...
CVE-2019-9818 A race condition is present in the crash generation server used to gen ...
CVE-2019-9817 Images from a different domain can be read using a canvas object in so ...
CVE-2019-9816 A possible vulnerability exists where type confusion can occur when ma ...
CVE-2019-9815 If hyperthreading is not disabled, a timing attack vulnerability exist ...
CVE-2019-9814 Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-9813 Incorrect handling of __proto__ mutations may lead to type confusion i ...
CVE-2019-9812 Given a compromised sandboxed content process due to a separate vulner ...
CVE-2019-9811 As part of a winning Pwn2Own entry, a researcher demonstrated a sandbo ...
CVE-2019-9810 Incorrect alias information in IonMonkey JIT compiler for Array.protot ...
CVE-2019-9809 If the source for resources on a page is through an FTP connection, it ...
CVE-2019-9808 If WebRTC permission is requested from documents with data: or blob: U ...
CVE-2019-9807 When arbitrary text is sent over an FTP connection and a page reload i ...
CVE-2019-9806 A vulnerability exists during authorization prompting for FTP transact ...
CVE-2019-9805 A latent vulnerability exists in the Prio library where data may be re ...
CVE-2019-9804 In Firefox Developer Tools it is possible that pasting the result of t ...
CVE-2019-9803 The Upgrade-Insecure-Requests (UIR) specification states that if UIR i ...
CVE-2019-9802 If a Sandbox content process is compromised, it can initiate an FTP do ...
CVE-2019-9801 Firefox will accept any registered Program ID as an external protocol ...
CVE-2019-9800 Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-9799 Insufficient bounds checking of data during inter-process communicatio ...
CVE-2019-9798 On Android systems, Firefox can load a library from APITRACE_LIB, whic ...
CVE-2019-9797 Cross-origin images can be read in violation of the same-origin policy ...
CVE-2019-9796 A use-after-free vulnerability can occur when the SMIL animation contr ...
CVE-2019-9795 A vulnerability where type-confusion in the IonMonkey just-in-time (JI ...
CVE-2019-9794 A vulnerability was discovered where specific command line arguments a ...
CVE-2019-9793 A mechanism was discovered that removes some bounds checking for strin ...
CVE-2019-9792 The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTI ...
CVE-2019-9791 The type inference system allows the compilation of functions that can ...
CVE-2019-9790 A use-after-free vulnerability can occur when a raw pointer to a DOM e ...
CVE-2019-9789 Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-9788 Mozilla developers and community members reported memory safety bugs p ...
CVE-2019-7317 png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after- ...
CVE-2019-5849 Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allo ...
CVE-2019-5785 Incorrect convexity calculations in Skia in Google Chrome prior to 72. ...
CVE-2018-18511 Cross-origin images can be read from a canvas element in violation of ...
CVE-2018-18510 The about:crashcontent and about:crashparent pages can be triggered by ...
CVE-2018-18506 When proxy auto-detection is enabled, if a web server serves a Proxy A ...
CVE-2018-18505 An earlier fix for an Inter-process Communication (IPC) vulnerability, ...
CVE-2018-18504 A crash and out-of-bounds read can occur when the buffer of a texture ...
CVE-2018-18503 When JavaScript is used to create and manipulate an audio buffer, a po ...
CVE-2018-18502 Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-18501 Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-18500 A use-after-free vulnerability can occur while parsing an HTML5 stream ...
CVE-2018-18499 A same-origin policy violation allowing the theft of cross-origin URL ...
CVE-2018-18498 A potential vulnerability leading to an integer overflow can occur dur ...
CVE-2018-18497 Limitations on the URIs allowed to WebExtensions by the browser.window ...
CVE-2018-18496 When the RSS Feed preview about:feeds page is framed within another pa ...
CVE-2018-18495 WebExtension content scripts can be loaded into about: pages in some c ...
CVE-2018-18494 A same-origin policy violation allowing the theft of cross-origin URL ...
CVE-2018-18493 A buffer overflow can occur in the Skia library during buffer offset c ...
CVE-2018-18492 A use-after-free vulnerability can occur after deleting a selection el ...
CVE-2018-18356 An integer overflow in path handling led to a use after free in Skia ...
CVE-2018-17466 Incorrect texture handling in Angle in Google Chrome prior to 70.0.353 ...
CVE-2018-12407 A buffer overflow occurs when drawing and validating elements with the ...
CVE-2018-12406 Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12405 Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12403 If a site is loaded over a HTTPS connection but loads a favicon resour ...
CVE-2018-12402 The internal WebBrowserPersist code does not use correct origin contex ...
CVE-2018-12401 Some special resource URIs will cause a non-exploitable crash if loade ...
CVE-2018-12400 In private browsing mode on Firefox for Android, favicons are cached i ...
CVE-2018-12399 When a new protocol handler is registered, the API accepts a title arg ...
CVE-2018-12398 By using the reflected URL in some special resource URIs, such as chro ...
CVE-2018-12397 A WebExtension can request access to local files without the warning p ...
CVE-2018-12396 A vulnerability where a WebExtension can run content scripts in disall ...
CVE-2018-12395 By rewriting the Host: request headers using the webRequest API, a Web ...
CVE-2018-12393 A potential vulnerability was found in 32-bit builds where an integer ...
CVE-2018-12392 When manipulating user events in nested loops while opening a document ...
CVE-2018-12391 During HTTP Live Stream playback on Firefox for Android, audio data ca ...
CVE-2018-12390 Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12388 Mozilla developers and community members reported memory safety bugs p ...
CVE-2018-12387 A vulnerability where the JavaScript JIT compiler inlines Array.protot ...
CVE-2018-12386 A vulnerability in register allocation in JavaScript can lead to type ...
CVE-2018-12385 A potentially exploitable crash in TransportSecurityInfo used for SSL ...
CVE-2018-12383 If a user saved passwords before Firefox 58 and then later set a maste ...
CVE-2018-12382 The displayed addressbar URL can be spoofed on Firefox for Android usi ...
CVE-2018-12381 Manually dragging and dropping an Outlook email message into the brows ...
CVE-2018-12379 When the Mozilla Updater opens a MAR format file which contains a very ...
CVE-2018-12378 A use-after-free vulnerability can occur when an IndexedDB index is de ...
CVE-2018-12377 A use-after-free vulnerability can occur when refresh driver timers ar ...
CVE-2018-12376 Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of ...
CVE-2018-12375 Memory safety bugs present in Firefox 61. Some of these bugs showed ev ...
CVE-2018-12371 An integer overflow vulnerability in the Skia library when allocating ...
CVE-2018-12370 In Reader View SameSite cookie protections are not checked on exiting. ...
CVE-2018-12369 WebExtensions bundled with embedded experiments were not correctly che ...
CVE-2018-12368 Windows 10 does not warn users before opening executable files with th ...
CVE-2018-12367 In the previous mitigations for Spectre, the resolution or precision o ...
CVE-2018-12366 An invalid grid size during QCMS (color profile) transformations can r ...
CVE-2018-12365 A compromised IPC child process can escape the content sandbox and lis ...
CVE-2018-12364 NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin r ...
CVE-2018-12363 A use-after-free vulnerability can occur when script uses mutation eve ...
CVE-2018-12362 An integer overflow can occur during graphics operations done by the S ...
CVE-2018-12361 An integer overflow can occur in the SwizzleData code while calculatin ...
CVE-2018-12360 A use-after-free vulnerability can occur when deleting an input elemen ...
CVE-2018-12359 A buffer overflow can occur when rendering canvas content while adjust ...
CVE-2018-12358 Service workers can use redirection to avoid the tainting of cross-ori ...
CVE-2018-6156 Incorrect derivation of a packet length in WebRTC in Google Chrome prio ...
CVE-2018-6126 A precision error in Skia in Google Chrome prior to 67.0.3396.62 allow ...
CVE-2018-5188 Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ...
CVE-2018-5187 Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of t ...
CVE-2018-5186 Memory safety bugs present in Firefox 60. Some of these bugs showed ev ...
CVE-2018-5182 If a text string that happens to be a filename in the operating system ...
CVE-2018-5181 If a URL using the "file:" protocol is dragged and dropped onto an ope ...
CVE-2018-5180 A use-after-free vulnerability can occur during WebGL operations. Whil ...
CVE-2018-5177 A vulnerability exists in XSLT during number formatting where a negati ...
CVE-2018-5176 The JSON Viewer displays clickable hyperlinks for strings that are par ...
CVE-2018-5175 A mechanism to bypass Content Security Policy (CSP) protections on sit ...
CVE-2018-5174 In the Windows 10 April 2018 Update, Windows Defender SmartScreen hono ...
CVE-2018-5173 The filename appearing in the "Downloads" panel improperly renders som ...
CVE-2018-5172 The Live Bookmarks page and the PDF viewer can run injected script con ...
CVE-2018-5169 If manipulated hyperlinked text with "chrome:" URL contained in it is ...
CVE-2018-5168 Sites can bypass security checks on permissions to install lightweight ...
CVE-2018-5167 The web console and JavaScript debugger do not sanitize all output tha ...
CVE-2018-5166 WebExtensions can use request redirection and a "filterResponseData" fi ...
CVE-2018-5165 In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Ena ...
CVE-2018-5164 Content Security Policy (CSP) is not applied correctly to all parts of ...
CVE-2018-5163 If a malicious attacker has used another vulnerability to gain full co ...
CVE-2018-5160 WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image ...
CVE-2018-5159 An integer overflow can occur in the Skia library due to 32-bit intege ...
CVE-2018-5158 The PDF viewer does not sufficiently sanitize PostScript calculator fu ...
CVE-2018-5157 Same-origin protections for the PDF viewer can be bypassed, allowing a ...
CVE-2018-5156 A vulnerability can occur when capturing a media stream when the media ...
CVE-2018-5155 A use-after-free vulnerability can occur while adjusting layout during ...
CVE-2018-5154 A use-after-free vulnerability can occur while enumerating attributes ...
CVE-2018-5153 If websocket data is sent with mixed text and binary in a single messa ...
CVE-2018-5152 WebExtensions with the appropriate permissions can attach content scri ...
CVE-2018-5151 Memory safety bugs were reported in Firefox 59. Some of these bugs sho ...
CVE-2018-5150 Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and ...
CVE-2018-5148 A use-after-free vulnerability can occur in the compositor during cert ...
CVE-2018-5147 The libtremor library has the same flaw as CVE-2018-5146. This library ...
CVE-2018-5146 An out of bounds memory write while processing Vorbis audio data was r ...
CVE-2018-5143 URLs using "javascript:" have the protocol removed when pasted into th ...
CVE-2018-5142 If Media Capture and Streams API permission is requested from document ...
CVE-2018-5141 A vulnerability in the notifications Push API where notifications can ...
CVE-2018-5140 Image for moz-icons can be accessed through the "moz-icon:" protocol t ...
CVE-2018-5138 A spoofing vulnerability can occur when a malicious site with an extre ...
CVE-2018-5137 A legacy extension's non-contentaccessible, defined resources can be l ...
CVE-2018-5136 A shared worker created from a "data:" URL in one tab can be shared by ...
CVE-2018-5135 WebExtensions can bypass normal restrictions in some circumstances and ...
CVE-2018-5134 WebExtensions may use "view-source:" URLs to view local "file:" URL co ...
CVE-2018-5133 If the "app.support.baseURL" preference is changed by a malicious loca ...
CVE-2018-5132 The Find API for WebExtensions can search some privileged pages, such ...
CVE-2018-5131 Under certain circumstances the "fetch()" API can return transient loc ...
CVE-2018-5130 When packets with a mismatched RTP payload type are sent in WebRTC con ...
CVE-2018-5129 A lack of parameter validation on IPC messages results in a potential ...
CVE-2018-5128 A use-after-free vulnerability can occur when manipulating elements, e ...
CVE-2018-5127 A buffer overflow can occur when manipulating the SVG "animatedPathSeg ...
CVE-2018-5126 Memory safety bugs were reported in Firefox 58. Some of these bugs sho ...
CVE-2018-5125 Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. S ...
CVE-2018-5124 Unsanitized output in the browser UI leaves HTML tags in place and can ...
CVE-2018-5122 A potential integer overflow in the "DoCrypt" function of WebCrypto wa ...
CVE-2018-5121 Low descenders on some Tibetan characters in several fonts on OS X are ...
CVE-2018-5119 The reader view will display cross-origin content when CORS headers ar ...
CVE-2018-5118 The screenshot images displayed in the Activity Stream page displayed ...
CVE-2018-5117 If right-to-left text is used in the addressbar with left-to-right ali ...
CVE-2018-5116 WebExtensions with the "ActiveTab" permission are able to access frame ...
CVE-2018-5115 If an HTTP authentication prompt is triggered by a background network ...
CVE-2018-5114 If an existing cookie is changed to be "HttpOnly" while a document is ...
CVE-2018-5113 The "browser.identity.launchWebAuthFlow" function of WebExtensions is ...
CVE-2018-5112 Development Tools panels of an extension are required to load URLs for ...
CVE-2018-5111 When the text of a specially formatted URL is dragged to the addressba ...
CVE-2018-5110 If cursor visibility is toggled by script using from 'none' to an imag ...
CVE-2018-5109 An audio capture session can be started under an incorrect origin from th ...
CVE-2018-5108 A Blob URL can violate origin attribute segregation, allowing it to be ...
CVE-2018-5107 The printing process can bypass local access protections to read files ...
CVE-2018-5106 Style editor traffic in the Developer Tools can be routed through a se ...
CVE-2018-5105 WebExtensions can bypass user prompts to first save and then open an a ...
CVE-2018-5104 A use-after-free vulnerability can occur during font face manipulation ...
CVE-2018-5103 A use-after-free vulnerability can occur during mouse event handling d ...
CVE-2018-5102 A use-after-free vulnerability can occur when manipulating HTML media ...
CVE-2018-5101 A use-after-free vulnerability can occur when manipulating floating "f ...
CVE-2018-5100 A use-after-free vulnerability can occur when arguments passed to the ...
CVE-2018-5099 A use-after-free vulnerability can occur when the widget listener is h ...
CVE-2018-5098 A use-after-free vulnerability can occur when form input elements, foc ...
CVE-2018-5097 A use-after-free vulnerability can occur during XSL transformations wh ...
CVE-2018-5095 An integer overflow vulnerability in the Skia library when allocating ...
CVE-2018-5094 A heap buffer overflow vulnerability may occur in WebAssembly when "sh ...
CVE-2018-5093 A heap buffer overflow vulnerability may occur in WebAssembly during M ...
CVE-2018-5092 A use-after-free vulnerability can occur when the thread for a Web Wor ...
CVE-2018-5091 A use-after-free vulnerability can occur during WebRTC connections whe ...
CVE-2018-5090 Memory safety bugs were reported in Firefox 57. Some of these bugs sho ...
CVE-2018-5089 Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. S ...
CVE-2017-16541 Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to ...
CVE-2017-7845 A buffer overflow occurs when drawing and validating elements using Di ...
CVE-2017-7844 A combination of an external SVG image referenced on a page and the co ...
CVE-2017-7843 When Private Browsing mode is used, it is possible for a web worker to ...
CVE-2017-7842 If a document's Referrer Policy attribute is set to "no-referrer" some ...
CVE-2017-7840 JavaScript can be injected into an exported bookmarks file by placing ...
CVE-2017-7839 Control characters prepended before "javascript:" URLs pasted in the a ...
CVE-2017-7838 Punycode format text will be displayed for entire qualified internatio ...
CVE-2017-7837 SVG loaded through "<img>" tags can use "<meta>" tags within the SVG d ...
CVE-2017-7836 The "pingsender" executable used by the Firefox Health Report dynamica ...
CVE-2017-7835 Mixed content blocking of insecure (HTTP) sub-resources in a secure (H ...
CVE-2017-7834 A "data:" URL loaded in a new tab did not inherit the Content Security ...
CVE-2017-7833 Some Arabic and Indic vowel marker characters can be combined with Lat ...
CVE-2017-7832 The combined, single character, version of the letter 'i' with any of ...
CVE-2017-7831 A vulnerability where the security wrapper does not deny access to som ...
CVE-2017-7830 The Resource Timing API incorrectly revealed navigations in cross-orig ...
CVE-2017-7828 A use-after-free vulnerability can occur when flushing and resizing la ...
CVE-2017-7827 Memory safety bugs were reported in Firefox 56. Some of these bugs sho ...
CVE-2017-7826 Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. S ...
CVE-2017-7825 Several fonts on OS X display some Tibetan and Arabic characters as wh ...
CVE-2017-7824 A buffer overflow occurs when drawing and validating elements with the ...
CVE-2017-7823 The content security policy (CSP) "sandbox" directive did not create a ...
CVE-2017-7822 The AES-GCM implementation in WebCrypto API accepts 0-length IV when i ...
CVE-2017-7821 A vulnerability where WebExtensions can download and attempt to open a ...
CVE-2017-7820 The "instanceof" operator can bypass the Xray wrapper mechanism. When ...
CVE-2017-7819 A use-after-free vulnerability can occur in design mode when image obj ...
CVE-2017-7818 A use-after-free vulnerability can occur when manipulating arrays of A ...
CVE-2017-7817 A spoofing vulnerability can occur when a page switches to fullscreen ...
CVE-2017-7816 WebExtensions could use popups and panels in the extension UI to load ...
CVE-2017-7815 On pages containing an iframe, the "data:" protocol can be used to cre ...
CVE-2017-7814 File downloads encoded with "blob:" and "data:" URL elements bypassed ...
CVE-2017-7813 Inside the JavaScript parser, a cast of an integer to a narrower type ...
CVE-2017-7812 If web content on a page is dragged onto portions of the browser UI, s ...
CVE-2017-7811 Memory safety bugs were reported in Firefox 55. Some of these bugs sho ...
CVE-2017-7810 Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. S ...
CVE-2017-7809 A use-after-free vulnerability can occur when an editor DOM node is de ...
CVE-2017-7808 A content security policy (CSP) "frame-ancestors" directive containing ...
CVE-2017-7807 A mechanism that uses AppCache to hijack a URL in a domain using fallb ...
CVE-2017-7806 A use-after-free vulnerability can occur when the layer manager is fre ...
CVE-2017-7805 During TLS 1.2 exchanges, handshake hashes are generated which point t ...
CVE-2017-7804 The destructor function for the "WindowsDllDetourPatcher" class can be ...
CVE-2017-7803 When a page's content security policy (CSP) header contains a "sandbox ...
CVE-2017-7802 A use-after-free vulnerability can occur when manipulating the DOM dur ...
CVE-2017-7801 A use-after-free vulnerability can occur while re-computing layout for ...
CVE-2017-7800 A use-after-free vulnerability can occur in WebSockets when the object ...
CVE-2017-7799 JavaScript in the "about:webrtc" page is not sanitized properly being ...
CVE-2017-7798 The Developer Tools feature suffers from a XUL injection vulnerability ...
CVE-2017-7797 Response header name interning does not have same-origin protections a ...
CVE-2017-7796 On Windows systems, the logger run by the Windows updater deletes the ...
CVE-2017-7794 On Linux systems, if the content process is compromised, the sandbox b ...
CVE-2017-7793 A use-after-free vulnerability can occur in the Fetch API when the wor ...
CVE-2017-7792 A buffer overflow will occur when viewing a certificate in the certifi ...
CVE-2017-7791 On pages containing an iframe, the "data:" protocol can be used to cre ...
CVE-2017-7790 On Windows systems, if non-null-terminated strings are copied into the ...
CVE-2017-7789 If a server sends two Strict-Transport-Security (STS) headers for a si ...
CVE-2017-7788 When an "iframe" has a "sandbox" attribute and its content is specifie ...
CVE-2017-7787 Same-origin policy protections can be bypassed on pages with embedded ...
CVE-2017-7786 A buffer overflow can occur when the image renderer attempts to paint ...
CVE-2017-7785 A buffer overflow can occur when manipulating Accessible Rich Internet ...
CVE-2017-7784 A use-after-free vulnerability can occur when reading an image observe ...
CVE-2017-7783 If a long user name is used in a username/password combination in a si ...
CVE-2017-7782 An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Exe ...
CVE-2017-7781 An error occurs in the elliptic curve point addition algorithm that us ...
CVE-2017-7780 Memory safety bugs were reported in Firefox 54. Some of these bugs sho ...
CVE-2017-7779 Memory safety bugs were reported in Firefox 54, Firefox ESR 52.2, and ...
CVE-2017-7778 A number of security vulnerabilities in the Graphite 2 library includi ...
CVE-2017-7777 Use of uninitialized memory in Graphite2 library in Firefox before 54 ...
CVE-2017-7776 Heap-based Buffer Overflow read in Graphite2 library in Firefox before ...
CVE-2017-7774 Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphi ...
CVE-2017-7773 Heap-based Buffer Overflow write in Graphite2 library in Firefox befor ...
CVE-2017-7772 Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 i ...
CVE-2017-7771 Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphi ...
CVE-2017-7770 A mechanism where when a new tab is loaded through JavaScript events, ...
CVE-2017-7768 The Mozilla Maintenance Service can be invoked by an unprivileged user ...
CVE-2017-7767 The Mozilla Maintenance Service can be invoked by an unprivileged user ...
CVE-2017-7766 An attack using manipulation of "updater.ini" contents, used by the Mo ...
CVE-2017-7765 The "Mark of the Web" was not correctly saved on Windows when files wi ...
CVE-2017-7764 Characters from the "Canadian Syllabics" unicode block can be mixed wi ...
CVE-2017-7763 Default fonts on OS X display some Tibetan characters as whitespace. W ...
CVE-2017-7762 When entered directly, Reader Mode did not strip the username and pass ...
CVE-2017-7761 The Mozilla Maintenance Service "helper.exe" application creates a tem ...
CVE-2017-7760 The Mozilla Windows updater modifies some files to be updated by readi ...
CVE-2017-7759 Android intent URLs given to Firefox for Android can be used to naviga ...
CVE-2017-7758 An out-of-bounds read vulnerability with the Opus encoder when the num ...
CVE-2017-7757 A use-after-free vulnerability in IndexedDB when one of its objects is ...
CVE-2017-7756 A use-after-free and use-after-scope vulnerability when logging errors ...
CVE-2017-7755 The Firefox installer on Windows can be made to load malicious DLL fil ...
CVE-2017-7754 An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" ...
CVE-2017-7753 An out-of-bounds read occurs when applying style rules to pseudo-eleme ...
CVE-2017-7752 A use-after-free vulnerability during specific user interactions with ...
CVE-2017-7751 A use-after-free vulnerability with content viewer listeners that resu ...
CVE-2017-7750 A use-after-free vulnerability during video control operations when a ...
CVE-2017-7749 A use-after-free vulnerability when using an incorrect URL during the ...
CVE-2017-5472 A use-after-free vulnerability with the frameloader during tree recons ...
CVE-2017-5471 Memory safety bugs were reported in Firefox 53. Some of these bugs sho ...
CVE-2017-5470 Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1. S ...
CVE-2017-5469 Fixed potential buffer overflows in generated Firefox code due to CVE- ...
CVE-2017-5468 An issue with incorrect ownership model of "privateBrowsing" informati ...
CVE-2017-5467 A potential memory corruption and crash when using Skia content when d ...
CVE-2017-5466 If a page is loaded from an original site through a hyperlink and cont ...
CVE-2017-5465 An out-of-bounds read while processing SVG content in "ConvolvePixel". ...
CVE-2017-5464 During DOM manipulations of the accessibility tree through script, the ...
CVE-2017-5463 Android intents can be used to launch Firefox for Android in reader mo ...
CVE-2017-5462 A flaw in DRBG number generation within the Network Security Services ...
CVE-2017-5461 Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through ...
CVE-2017-5460 A use-after-free vulnerability in frame selection triggered by a combi ...
CVE-2017-5459 A buffer overflow in WebGL triggerable by web content, resulting in a ...
CVE-2017-5458 When a "javascript:" URL is drag and dropped by a user into the addres ...
CVE-2017-5456 A mechanism to bypass file system access protections in the sandbox us ...
CVE-2017-5455 The internal feed reader APIs that crossed the sandbox barrier allowed ...
CVE-2017-5454 A mechanism to bypass file system access protections in the sandbox to ...
CVE-2017-5453 A mechanism to inject static HTML into the RSS reader preview page due ...
CVE-2017-5452 Malicious sites can display a spoofed addressbar on a page when the ex ...
CVE-2017-5451 A mechanism to spoof the addressbar through the user interaction on th ...
CVE-2017-5450 A mechanism to spoof the Firefox for Android addressbar using a "javas ...
CVE-2017-5449 A possibly exploitable crash triggered during layout and manipulation ...
CVE-2017-5448 An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Cl ...
CVE-2017-5447 An out-of-bounds read during the processing of glyph widths during tex ...
CVE-2017-5446 An out-of-bounds read when an HTTP/2 connection to a server sends "DA ...
CVE-2017-5445 A vulnerability while parsing "application/http-index-format" format c ...
CVE-2017-5444 A buffer overflow vulnerability while parsing "application/http-index- ...
CVE-2017-5443 An out-of-bounds write vulnerability while decoding improperly formed ...
CVE-2017-5442 A use-after-free vulnerability during changes in style when manipulati ...
CVE-2017-5441 A use-after-free vulnerability when holding a selection during scroll ...
CVE-2017-5440 A use-after-free vulnerability during XSLT processing due to a failure ...
CVE-2017-5439 A use-after-free vulnerability during XSLT processing due to poor hand ...
CVE-2017-5438 A use-after-free vulnerability during XSLT processing due to the resul ...
CVE-2017-5436 An out-of-bounds write in the Graphite 2 library triggered with a mali ...
CVE-2017-5435 A use-after-free vulnerability occurs during transaction processing in ...
CVE-2017-5434 A use-after-free vulnerability occurs when redirecting focus handling ...
CVE-2017-5433 A use-after-free vulnerability in SMIL animation functions occurs when ...
CVE-2017-5432 A use-after-free vulnerability occurs during certain text input select ...
CVE-2017-5430 Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Th ...
CVE-2017-5429 Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Fire ...
CVE-2017-5428 An integer overflow in "createImageBitmap()" was reported through the ...
CVE-2017-5427 A non-existent chrome.manifest file will attempt to be loaded during s ...
CVE-2017-5426 On Linux, if the secure computing mode BPF (seccomp-bpf) filter is run ...
CVE-2017-5425 The Gecko Media Plugin sandbox allows access to local files that match ...
CVE-2017-5422 If a malicious site uses the "view-source:" protocol in a series withi ...
CVE-2017-5421 A malicious site could spoof the contents of the print preview window ...
CVE-2017-5420 A "javascript:" url loaded by a malicious page can obfuscate its locat ...
CVE-2017-5419 If a malicious site repeatedly triggers a modal authentication prompt, ...
CVE-2017-5418 An out of bounds read error occurs when parsing some HTTP digest autho ...
CVE-2017-5417 When dragging content from the primary browser pane to the addressbar ...
CVE-2017-5416 In certain circumstances a networking event listener can be prematurel ...
CVE-2017-5415 An attack can use a blob URL and script to spoof an arbitrary addressb ...
CVE-2017-5414 The file picker dialog can choose and display the wrong local default ...
CVE-2017-5413 A segmentation fault can occur during some bidirectional layout operat ...
CVE-2017-5412 A buffer overflow read during SVG filter color value operations, resul ...
CVE-2017-5411 A use-after-free can occur during buffer storage operations within the ...
CVE-2017-5410 Memory corruption resulting in a potentially exploitable crash during ...
CVE-2017-5409 The Mozilla Windows updater can be called by a non-privileged user to ...
CVE-2017-5408 Video files loaded video captions cross-origin without checking for th ...
CVE-2017-5407 Using SVG filters that don't use the fixed point math implementation o ...
CVE-2017-5406 A segmentation fault can occur in the Skia graphics library during som ...
CVE-2017-5405 Certain response codes in FTP connections can result in the use of uni ...
CVE-2017-5404 A use-after-free error can occur when manipulating ranges in selection ...
CVE-2017-5403 When adding a range to an object in the DOM, it is possible to use "ad ...
CVE-2017-5402 A use-after-free can occur when events are fired for a "FontFace" obje ...
CVE-2017-5401 A crash triggerable by web content in which an "ErrorResult" reference ...
CVE-2017-5400 JIT-spray targeting asm.js combined with a heap spray allows for a byp ...
CVE-2017-5399 Memory safety bugs were reported in Firefox 51. Some of these bugs sho ...
CVE-2017-5398 Memory safety bugs were reported in Thunderbird 45.7. Some of these bu ...
CVE-2017-5397 The cache directory on the local file system is set to be world writab ...
CVE-2017-5396 A use-after-free vulnerability in the Media Decoder when working with ...
CVE-2017-5395 Malicious sites can display a spoofed location bar on a subsequently l ...
CVE-2017-5394 A location bar spoofing attack where the location bar of loaded page w ...
CVE-2017-5393 The "mozAddonManager" allows for the installation of extensions from t ...
CVE-2017-5392 Weak proxy objects have weak references on multiple threads when they ...
CVE-2017-5391 Special "about:" pages used by web content, such as RSS feeds, can loa ...
CVE-2017-5390 The JSON viewer in the Developer Tools uses insecure methods to create ...
CVE-2017-5389 WebExtensions could use the "mozAddonManager" API by modifying the CSP ...
CVE-2017-5388 A STUN server in conjunction with a large number of "webkitRTCPeerConn ...
CVE-2017-5387 The existence of a specifically requested local file can be found due ...
CVE-2017-5386 WebExtension scripts can use the "data:" protocol to affect pages load ...
CVE-2017-5385 Data sent in multipart channels, such as the multipart/x-mixed-re ...
CVE-2017-5384 Proxy Auto-Config (PAC) files can specify a JavaScript function called ...
CVE-2017-5383 URLs containing certain unicode glyphs for alternative hyphens and quo ...
CVE-2017-5382 Feed preview for RSS feeds can be used to capture errors and exception ...
CVE-2017-5381 The "export" function in the Certificate Viewer can force local filesy ...
CVE-2017-5380 A potential use-after-free found through fuzzing during DOM manipulati ...
CVE-2017-5379 Use-after-free vulnerability in Web Animations when interacting with c ...
CVE-2017-5378 Hashed codes of JavaScript objects are shared between pages. This allo ...
CVE-2017-5377 A memory corruption vulnerability in Skia that can occur when using tr ...
CVE-2017-5376 Use-after-free while manipulating XSL in XSLT documents. This vulnerab ...
CVE-2017-5375 JIT code allocation can allow for a bypass of ASLR and DEP protections ...
CVE-2017-5374 Memory safety bugs were reported in Firefox 50.1. Some of these bugs s ...
CVE-2017-5373 Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. ...
CVE-2016-9905 A potentially exploitable crash in "EnumerateSubDocuments" while addin ...
CVE-2016-9904 An attacker could use a JavaScript Map/Set timing attack to determine ...
CVE-2016-9903 Mozilla's add-ons SDK had a world-accessible resource with an HTML inj ...
CVE-2016-9902 The Pocket toolbar button, once activated, listens for events fired fr ...
CVE-2016-9901 HTML tags received from the Pocket server will be processed without sa ...
CVE-2016-9900 External resources that should be blocked when loaded by SVG images ca ...
CVE-2016-9899 Use-after-free while manipulating DOM events and removing audio elemen ...
CVE-2016-9898 Use-after-free resulting in potentially exploitable crash when manipul ...
CVE-2016-9897 Memory corruption resulting in a potentially exploitable crash during ...
CVE-2016-9896 Use-after-free while manipulating the "navigator" object within WebVR. ...
CVE-2016-9895 Event handlers on "marquee" elements were executed despite a strict Co ...
CVE-2016-9894 A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated duri ...
CVE-2016-9893 Memory safety bugs were reported in Thunderbird 45.5. Some of these bu ...
CVE-2016-9080 Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs ...
CVE-2016-9079 A use-after-free vulnerability in SVG Animation has been discovered. A ...
CVE-2016-9078 Redirection from an HTTP connection to a "data:" URL assigns the refer ...
CVE-2016-9077 Canvas allows the use of the "feDisplacementMap" filter on images load ...
CVE-2016-9076 An issue where a "<select>" dropdown menu can be used to cover locatio ...
CVE-2016-9075 An issue where WebExtensions can use the mozAddonManager API to elevat ...
CVE-2016-9073WebExtensions can bypass security checks to load privileged URLs and p ...
CVE-2016-9072When a new Firefox profile is created on 64-bit Windows installations, ...
CVE-2016-9071Content Security Policy combined with HTTP to HTTPS redirection can be ...
CVE-2016-9070A maliciously crafted page loaded to the sidebar through a bookmark ca ...
CVE-2016-9069A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operatio ...
CVE-2016-9068A use-after-free during web animations when working with timelines res ...
CVE-2016-9067Two use-after-free errors during DOM operations resulting in potential ...
CVE-2016-9066A buffer overflow resulting in a potentially exploitable crash due to ...
CVE-2016-9065The location bar in Firefox for Android can be spoofed by forcing a us ...
CVE-2016-9064Add-on updates failed to verify that the add-on ID inside the signed p ...
CVE-2016-9063An integer overflow during the parsing of XML using the Expat library. ...
CVE-2016-9062Private browsing mode leaves metadata information, such as URLs, for s ...
CVE-2016-9061A previously installed malicious Android application which defines a s ...
CVE-2016-5299A previously installed malicious Android application with same signatu ...
CVE-2016-5298A mechanism where disruption of the loading of a new web page can caus ...
CVE-2016-5297An error in argument length checking in JavaScript, leading to potenti ...
CVE-2016-5296A heap-buffer-overflow in Cairo when processing SVG content caused by ...
CVE-2016-5295This vulnerability allows an attacker to use the Mozilla Maintenance S ...
CVE-2016-5294The Mozilla Updater can be made to choose an arbitrary target working ...
CVE-2016-5293When the Mozilla Updater is run, if the Updater's log file in the work ...
CVE-2016-5292During URL parsing, a maliciously crafted URL can cause a potentially ...
CVE-2016-5291A same-origin policy bypass with local shortcut files to load arbitrar ...
CVE-2016-5290Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. S ...
CVE-2016-5289Memory safety bugs were reported in Firefox 49. Some of these bugs sho ...
CVE-2016-5288Web content could access information in the HTTP cache if e10s is disa ...
CVE-2016-5287A potentially exploitable use-after-free crash during actor destructio ...
CVE-2016-5284Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunder ...
CVE-2016-5283Mozilla Firefox before 49.0 allows remote attackers to bypass the Same ...
CVE-2016-5282Mozilla Firefox before 49.0 does not properly restrict the scheme in f ...
CVE-2016-5281Use-after-free vulnerability in the DOMSVGLength class in Mozilla Fire ...
CVE-2016-5280Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityM ...
CVE-2016-5279Mozilla Firefox before 49.0 allows user-assisted remote attackers to o ...
CVE-2016-5278Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function ...
CVE-2016-5277Use-after-free vulnerability in the nsRefreshDriver::Tick function in ...
CVE-2016-5276Use-after-free vulnerability in the mozilla::a11y::DocAccessible::Proc ...
CVE-2016-5275Buffer overflow in the mozilla::gfx::FilterSupport::ComputeSourceNeede ...
CVE-2016-5274Use-after-free vulnerability in the nsFrameManager::CaptureFrameState ...
CVE-2016-5273The mozilla::a11y::HyperTextAccessible::GetChildOffset function in the ...
CVE-2016-5272The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ...
CVE-2016-5271The PropertyProvider::GetSpacingInternal function in Mozilla Firefox b ...
CVE-2016-5270Heap-based buffer overflow in the nsCaseTransformTextRunFactory::Trans ...
CVE-2016-5268Mozilla Firefox before 48.0 does not properly set the LINKABLE and URI ...
CVE-2016-5267Mozilla Firefox before 48.0 on Android allows remote attackers to spoo ...
CVE-2016-5266Mozilla Firefox before 48.0 does not properly restrict drag-and-drop ( ...
CVE-2016-5265Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow use ...
CVE-2016-5264Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildL ...
CVE-2016-5263The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and ...
CVE-2016-5262Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process J ...
CVE-2016-5261Integer overflow in the WebSocketChannel class in the WebSockets subsy ...
CVE-2016-5260Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="passw ...
CVE-2016-5259Use-after-free vulnerability in the CanonicalizeXPCOMParticipant funct ...
CVE-2016-5258Use-after-free vulnerability in the WebRTC socket thread in Mozilla Fi ...
CVE-2016-5257Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-5256Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-5255Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep ...
CVE-2016-5254Use-after-free vulnerability in the nsXULPopupManager::KeyDown functio ...
CVE-2016-5253The Updater in Mozilla Firefox before 48.0 on Windows allows local use ...
CVE-2016-5252Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function ...
CVE-2016-5251Mozilla Firefox before 48.0 allows remote attackers to spoof the locat ...
CVE-2016-5250Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 ...
CVE-2016-2839Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux ...
CVE-2016-2838Heap-based buffer overflow in the nsBidi::BracketData::AddOpening func ...
CVE-2016-2837Heap-based buffer overflow in the ClearKey Content Decryption Module ( ...
CVE-2016-2836Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2835Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2834Mozilla Network Security Services (NSS) before 3.23, as used in Mozill ...
CVE-2016-2833Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) dire ...
CVE-2016-2832Mozilla Firefox before 47.0 allows remote attackers to discover the li ...
CVE-2016-2831Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not en ...
CVE-2016-2830Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 preserve ...
CVE-2016-2829Mozilla Firefox before 47.0 allows remote attackers to spoof permissio ...
CVE-2016-2828Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefo ...
CVE-2016-2827The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox be ...
CVE-2016-2826The maintenance service in Mozilla Firefox before 47.0 and Firefox ESR ...
CVE-2016-2825Mozilla Firefox before 47.0 allows remote attackers to bypass the Same ...
CVE-2016-2824The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox befor ...
CVE-2016-2822Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow rem ...
CVE-2016-2821Use-after-free vulnerability in the mozilla::dom::Element class in Moz ...
CVE-2016-2820The Firefox Health Reports (aka FHR or about:healthreport) feature in ...
CVE-2016-2819Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ...
CVE-2016-2818Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2817The WebExtension sandbox feature in browser/components/extensions/ext- ...
CVE-2016-2816Mozilla Firefox before 46.0 allows remote attackers to bypass the Cont ...
CVE-2016-2815Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2814Heap-based buffer overflow in the stagefright::SampleTable::parseSampl ...
CVE-2016-2813Mozilla Firefox before 46.0 on Android does not properly restrict Java ...
CVE-2016-2812Race condition in the get implementation in the ServiceWorkerManager c ...
CVE-2016-2811Use-after-free vulnerability in the ServiceWorkerInfo class in the Ser ...
CVE-2016-2810Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to ...
CVE-2016-2809The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 ...
CVE-2016-2808The watch implementation in the JavaScript engine in Mozilla Firefox b ...
CVE-2016-2807Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2806Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2805Unspecified vulnerability in the browser engine in Mozilla Firefox ESR ...
CVE-2016-2804Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-2802The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphit ...
CVE-2016-2801The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp i ...
CVE-2016-2800The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...
CVE-2016-2799Heap-based buffer overflow in the graphite2::Slot::setAttr function in ...
CVE-2016-2798The graphite2::GlyphCache::Loader::Loader function in Graphite 2 befor ...
CVE-2016-2797The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 be ...
CVE-2016-2796Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code f ...
CVE-2016-2795The graphite2::FileFace::get_table_fn function in Graphite 2 before 1. ...
CVE-2016-2794The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphi ...
CVE-2016-2793CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox ...
CVE-2016-2792The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...
CVE-2016-2791The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, ...
CVE-2016-2790The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3 ...
CVE-2016-1979Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndRet ...
CVE-2016-1977The Machine::Code::decoder::analysis::set_ref function in Graphite 2 b ...
CVE-2016-1974The nsScannerString::AppendUnicodeTo function in Mozilla Firefox befor ...
CVE-2016-1973Race condition in the GetStaticInstance function in the WebRTC impleme ...
CVE-2016-1969The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Fi ...
CVE-2016-1968Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, a ...
CVE-2016-1967Mozilla Firefox before 45.0 does not properly restrict the availabilit ...
CVE-2016-1966The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRu ...
CVE-2016-1965Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle ...
CVE-2016-1964Use-after-free vulnerability in the AtomicBaseIncDec function in Mozil ...
CVE-2016-1963The FileReader class in Mozilla Firefox before 45.0 allows local users ...
CVE-2016-1962Use-after-free vulnerability in the mozilla::DataChannelConnection::Cl ...
CVE-2016-1961Use-after-free vulnerability in the nsHTMLDocument::SetBody function i ...
CVE-2016-1960Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string ...
CVE-2016-1959The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows r ...
CVE-2016-1958browser/base/content/browser.js in Mozilla Firefox before 45.0 and Fir ...
CVE-2016-1957Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firef ...
CVE-2016-1956Mozilla Firefox before 45.0 on Linux, when an Intel video driver is us ...
CVE-2016-1955Mozilla Firefox before 45.0 allows remote attackers to bypass the Same ...
CVE-2016-1954The nsCSPContext::SendReports function in dom/security/nsCSPContext.cp ...
CVE-2016-1953Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-1952Multiple unspecified vulnerabilities in the browser engine in Mozilla ...
CVE-2016-1951Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable ...
CVE-2016-1950Heap-based buffer overflow in Mozilla Network Security Services (NSS) ...
CVE-2016-1949Mozilla Firefox before 44.0.2 does not properly restrict the interacti ...
CVE-2016-0718Expat allows context-dependent attackers to cause a denial of service ...
CVE-2011-2670Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of C ...
CVE-2011-2669Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue i ...
CVE-2011-2668Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the ...
CVE-2007-0801The nsExternalAppHandler::SetUpTempFile function in Mozilla Firefox 1. ...
CVE-2006-6585The Extensions manager in Mozilla Firefox 2.0 does not properly popula ...
CVE-2006-6504Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonke ...
CVE-2006-6503Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird ...
CVE-2006-6502Use-after-free vulnerability in the LiveConnect bridge code for Mozill ...
CVE-2006-6501Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...
CVE-2006-6500Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5. ...
CVE-2006-6499The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x befo ...
CVE-2006-6498Multiple unspecified vulnerabilities in the JavaScript engine for Mozi ...
CVE-2006-6497Multiple unspecified vulnerabilities in the layout engine for Mozilla ...
CVE-2006-5748Multiple unspecified vulnerabilities in the JavaScript engine in Mozil ...
CVE-2006-5747Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbi ...
CVE-2006-5633Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers t ...
CVE-2006-5464Multiple unspecified vulnerabilities in the layout engine in Mozilla F ...
CVE-2006-5463Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbi ...
CVE-2006-5462Mozilla Network Security Service (NSS) library before 3.11.3, as used ...
CVE-2006-5160Multiple unspecified vulnerabilities in Mozilla Firefox have unspecifi ...
CVE-2006-4571Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunde ...
CVE-2006-4569The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked ...
CVE-2006-4568Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remot ...
CVE-2006-4567Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it ...
CVE-2006-4566Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMon ...
CVE-2006-4565Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderb ...
CVE-2006-4561Mozilla Firefox 1.5.0.6 allows remote attackers to execute arbitrary J ...
CVE-2006-4340Mozilla Network Security Service (NSS) library before 3.11.3, as used ...
CVE-2006-4310Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of s ...
CVE-2006-4253Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allow ...
CVE-2006-3812Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3811Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbir ...
CVE-2006-3810Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ...
CVE-2006-3809Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3808Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remot ...
CVE-2006-3807Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3806Multiple integer overflows in the Javascript engine in Mozilla Firefox ...
CVE-2006-3805The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b ...
CVE-2006-3803Race condition in the JavaScript garbage collection in Mozilla Firefox ...
CVE-2006-3802Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ...
CVE-2006-3801Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ...
CVE-2006-3731Mozilla Firefox 1.5.0.4 and earlier allows remote user-assisted attack ...
CVE-2006-3677Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ...
CVE-2006-3113Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and Se ...
CVE-2006-2788Double free vulnerability in the getRawDER function for nsIX509Cert in ...
CVE-2006-2787EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows ...
CVE-2006-2786HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbi ...
CVE-2006-2785Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5 ...
CVE-2006-2784The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows ...
CVE-2006-2783Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte- ...
CVE-2006-2782Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1 ...
CVE-2006-2780Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 all ...
CVE-2006-2779Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers ...
CVE-2006-2778The crypto.signText function in Mozilla Firefox and Thunderbird before ...
CVE-2006-2777Unspecified vulnerability in Mozilla Firefox before 1.5.0.4 and SeaMon ...
CVE-2006-2776Certain privileged UI code in Mozilla Firefox and Thunderbird before 1 ...
CVE-2006-2775Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attribut ...
CVE-2006-2723Unspecified versions of Mozilla Firefox allow remote attackers to caus ...
CVE-2006-2332Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of s ...
CVE-2006-1993Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote att ...
CVE-2006-1942Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Ne ...
CVE-2006-1790A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to c ...
CVE-2006-1742The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1. ...
CVE-2006-1741Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...
CVE-2006-1740Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...
CVE-2006-1739The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x b ...
CVE-2006-1738Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1737Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and ...
CVE-2006-1736Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ...
CVE-2006-1735Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1734Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1733Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1732Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1731Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ...
CVE-2006-1730Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...
CVE-2006-1729Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Sui ...
CVE-2006-1728Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1727Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ...
CVE-2006-1726Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0. ...
CVE-2006-1725Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes c ...
CVE-2006-1724Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1 ...
CVE-2006-1723Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1531Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1530Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1529Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ...
CVE-2006-1045The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block load ...
CVE-2006-0884The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbi ...
CVE-2006-0749nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1. ...
CVE-2006-0748Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1. ...
CVE-2006-0299The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...
CVE-2006-0298The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...
CVE-2006-0297Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...
CVE-2006-0296The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, a ...
CVE-2006-0295Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...
CVE-2006-0294Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...
CVE-2006-0293The function allocation code (js_NewFunction in jsfun.c) in Firefox 1. ...
CVE-2006-0292The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before ...
CVE-2005-4809Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla a ...
CVE-2005-4720Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to ...
CVE-2005-4134Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.1 ...
CVE-2005-3896Mozilla allows remote attackers to cause a denial of service (CPU cons ...
CVE-2005-2414Race condition in the xpcom library, as used by web browsers such as F ...
CVE-2005-2353run-mozilla.sh in Thunderbird, with debugging enabled, allows local us ...
CVE-2004-2657Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some r ...
