| Bug | Description |
|---|
| CVE-2022-34478 | |
| CVE-2022-31747 | |
| CVE-2022-31742 | |
| CVE-2022-31741 | |
| CVE-2022-31740 | |
| CVE-2022-31739 | |
| CVE-2022-31738 | |
| CVE-2022-31737 | |
| CVE-2022-31736 | |
| CVE-2022-29917 | |
| CVE-2022-29916 | |
| CVE-2022-29914 | |
| CVE-2022-29913 | |
| CVE-2022-29912 | |
| CVE-2022-29911 | |
| CVE-2022-29909 | |
| CVE-2022-28289 | |
| CVE-2022-28286 | |
| CVE-2022-28285 | |
| CVE-2022-28282 | |
| CVE-2022-28281 | |
| CVE-2022-26486 | |
| CVE-2022-26485 | |
| CVE-2022-26387 | |
| CVE-2022-26386 | |
| CVE-2022-26384 | |
| CVE-2022-26383 | |
| CVE-2022-26381 | |
| CVE-2022-24713 | regex is an implementation of regular expressions for the Rust languag ... |
| CVE-2022-22764 | |
| CVE-2022-22763 | |
| CVE-2022-22761 | |
| CVE-2022-22760 | |
| CVE-2022-22759 | |
| CVE-2022-22756 | |
| CVE-2022-22754 | |
| CVE-2022-22753 | |
| CVE-2022-22751 | |
| CVE-2022-22748 | |
| CVE-2022-22747 | |
| CVE-2022-22746 | |
| CVE-2022-22745 | |
| CVE-2022-22744 | |
| CVE-2022-22743 | |
| CVE-2022-22742 | |
| CVE-2022-22741 | |
| CVE-2022-22740 | |
| CVE-2022-22739 | |
| CVE-2022-22738 | |
| CVE-2022-22737 | |
| CVE-2022-1834 | |
| CVE-2022-1802 | |
| CVE-2022-1529 | |
| CVE-2022-1520 | |
| CVE-2022-1197 | |
| CVE-2022-1196 | |
| CVE-2022-1097 | |
| CVE-2022-0566 | |
| CVE-2021-44538 | The olm_session_describe function in Matrix libolm before 3.2.7 is vul ... |
| CVE-2021-43546 | It was possible to recreate previous cursor spoofing attacks against u ... |
| CVE-2021-43545 | Using the Location API in a loop could have caused severe application ... |
| CVE-2021-43543 | Documents loaded with the CSP sandbox directive could have escaped the ... |
| CVE-2021-43542 | Using XMLHttpRequest, an attacker could have identified installed appl ... |
| CVE-2021-43541 | When invoking protocol handlers for external protocols, a supplied par ... |
| CVE-2021-43539 | Failure to correctly record the location of live pointers across wasm ... |
| CVE-2021-43538 | By misusing a race in our notification code, an attacker could have fo ... |
| CVE-2021-43537 | An incorrect type conversion of sizes from 64bit to 32bit integers all ... |
| CVE-2021-43536 | Under certain circumstances, asynchronous functions could have caused ... |
| CVE-2021-43535 | A use-after-free could have occured when an HTTP2 session object was r ... |
| CVE-2021-43534 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2021-43529 | |
| CVE-2021-43528 | Thunderbird unexpectedly enabled JavaScript in the composition area. T ... |
| CVE-2021-38510 | The executable file warning was not presented when downloading .inetlo ... |
| CVE-2021-38509 | Due to an unusual sequence of attacker-controlled events, a Javascript ... |
| CVE-2021-38508 | By displaying a form validity message in the correct location at the s ... |
| CVE-2021-38507 | The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a conn ... |
| CVE-2021-38506 | Through a series of navigations, Firefox could have entered fullscreen ... |
| CVE-2021-38505 | Microsoft introduced a new feature in Windows 10 known as Cloud Clipbo ... |
| CVE-2021-38504 | When interacting with an HTML input element's file picker dialog with ... |
| CVE-2021-38503 | The iframe sandbox rules were not correctly applied to XSLT stylesheet ... |
| CVE-2021-38502 | Thunderbird ignored the configuration to require STARTTLS security for ... |
| CVE-2021-38501 | Mozilla developers reported memory safety bugs present in Firefox 92 a ... |
| CVE-2021-38500 | Mozilla developers reported memory safety bugs present in Firefox 92 a ... |
| CVE-2021-38498 | During process shutdown, a document could have caused a use-after-free ... |
| CVE-2021-38497 | Through use of reportValidity() and window.open(), a plain-text valida ... |
| CVE-2021-38496 | During operations on MessageTasks, a task may have been removed while ... |
| CVE-2021-38495 | Mozilla developers reported memory safety bugs present in Thunderbird ... |
| CVE-2021-38493 | Mozilla developers reported memory safety bugs present in Firefox 91 a ... |
| CVE-2021-38492 | When delegating navigations to the operating system, Firefox would acc ... |
| CVE-2021-32810 | crossbeam-deque is a package of work-stealing deques for building task ... |
| CVE-2021-30547 | Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 a ... |
| CVE-2021-29989 | Mozilla developers reported memory safety bugs present in Firefox 90 a ... |
| CVE-2021-29988 | Firefox incorrectly treated an inline list-item element as a block ele ... |
| CVE-2021-29987 | After requesting multiple permissions, and closing the first permissio ... |
| CVE-2021-29986 | A suspected race condition when calling getaddrinfo led to memory corr ... |
| CVE-2021-29985 | A use-after-free vulnerability in media channels could have led to mem ... |
| CVE-2021-29984 | Instruction reordering resulted in a sequence of instructions that wou ... |
| CVE-2021-29982 | Due to incorrect JIT optimization, we incorrectly interpreted data fro ... |
| CVE-2021-29981 | An issue present in lowering/register allocation could have led to obs ... |
| CVE-2021-29980 | Uninitialized memory in a canvas object could have caused an incorrect ... |
| CVE-2021-29976 | Mozilla developers reported memory safety bugs present in code shared ... |
| CVE-2021-29970 | A malicious webpage could have triggered a use-after-free, memory corr ... |
| CVE-2021-29969 | If Thunderbird was configured to use STARTTLS for an IMAP connection, ... |
| CVE-2021-29967 | Mozilla developers reported memory safety bugs present in Firefox 88 a ... |
| CVE-2021-29964 | A locally-installed hostile program could send `WM_COPYDATA` messages ... |
| CVE-2021-29957 | If a MIME encoded email contains an OpenPGP inline signed or encrypted ... |
| CVE-2021-29956 | OpenPGP secret keys that were imported using Thunderbird version 78.8. ... |
| CVE-2021-29951 | The Mozilla Maintenance Service granted SERVICE_START access to BUILTI ... |
| CVE-2021-29950 | Thunderbird unprotects a secret OpenPGP key prior to using it for a de ... |
| CVE-2021-29949 | When loading the shared library that provides the OTR protocol impleme ... |
| CVE-2021-29948 | Signatures are written to disk before and read during verification, wh ... |
| CVE-2021-29946 | Ports that were written as an integer overflow above the bounds of a 1 ... |
| CVE-2021-29945 | The WebAssembly JIT could miscalculate the size of a return type, whic ... |
| CVE-2021-24002 | When a user clicked on an FTP URL containing encoded newline character ... |
| CVE-2021-23999 | If a Blob URL was loaded through some unusual user interaction, it cou ... |
| CVE-2021-23998 | Through complicated navigations with new windows, an HTTP page could h ... |
| CVE-2021-23995 | When Responsive Design Mode was enabled, it used references to objects ... |
| CVE-2021-23994 | A WebGL framebuffer was not initialized early enough, resulting in mem ... |
| CVE-2021-23993 | An attacker may perform a DoS attack to prevent a user from sending en ... |
| CVE-2021-23992 | Thunderbird did not check if the user ID associated with an OpenPGP ke ... |
| CVE-2021-23991 | If a Thunderbird user has previously imported Alice's OpenPGP key, and ... |
| CVE-2021-23987 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2021-23984 | A malicious extension could have opened a popup window lacking an addr ... |
| CVE-2021-23982 | Using techniques that built on the slipstream research, a malicious we ... |
| CVE-2021-23981 | A texture upload of a Pixel Buffer Object could have confused the WebG ... |
| CVE-2021-23978 | Mozilla developers reported memory safety bugs present in Firefox 85 a ... |
| CVE-2021-23973 | When trying to load a cross-origin resource in an audio/video context ... |
| CVE-2021-23969 | As specified in the W3C Content Security Policy draft, when creating a ... |
| CVE-2021-23968 | If Content Security Policy blocked frame navigation, the full destinat ... |
| CVE-2021-23964 | Mozilla developers reported memory safety bugs present in Firefox 84 a ... |
| CVE-2021-23961 | Further techniques that built on the slipstream research combined with ... |
| CVE-2021-23960 | Performing garbage collection on re-declared JavaScript variables resu ... |
| CVE-2021-23954 | Using the new logical assignment operators in a JavaScript switch stat ... |
| CVE-2021-23953 | If a user clicked into a specifically crafted PDF, the PDF reader coul ... |
| CVE-2021-4140 | |
| CVE-2021-4126 | |
| CVE-2020-35113 | Mozilla developers reported memory safety bugs present in Firefox 83 a ... |
| CVE-2020-35112 | If a user downloaded a file lacking an extension on Windows, and then ... |
| CVE-2020-35111 | When an extension with the proxy permission registered to receive < ... |
| CVE-2020-26978 | Using techniques that built on the slipstream research, a malicious we ... |
| CVE-2020-26976 | When a HTTPS pages was embedded in a HTTP page, and there was a servic ... |
| CVE-2020-26974 | When flex-basis was used on a table wrapper, a StyleGenericFlexBasis o ... |
| CVE-2020-26973 | Certain input to the CSS Sanitizer confused it, resulting in incorrect ... |
| CVE-2020-26971 | Certain blit values provided by the user were not properly constrained ... |
| CVE-2020-26970 | When reading SMTP server status codes, Thunderbird writes an integer v ... |
| CVE-2020-26968 | Mozilla developers reported memory safety bugs present in Firefox 82 a ... |
| CVE-2020-26966 | Searching for a single word from the address bar caused an mDNS reques ... |
| CVE-2020-26965 | Some websites have a feature "Show Password" where clicking a button w ... |
| CVE-2020-26961 | When DNS over HTTPS is in use, it intentionally filters RFC1918 and re ... |
| CVE-2020-26960 | If the Compact() method was called on an nsTArray, the array could hav ... |
| CVE-2020-26959 | During browser shutdown, reference decrementing could have occured on ... |
| CVE-2020-26958 | Firefox did not block execution of scripts with incorrect MIME types w ... |
| CVE-2020-26956 | In some cases, removing HTML elements during sanitization would keep e ... |
| CVE-2020-26953 | It was possible to cause the browser to enter fullscreen mode without ... |
| CVE-2020-26951 | A parsing and event loading mismatch in Firefox's SVG code could have ... |
| CVE-2020-26950 | In certain circumstances, the MCallGetProperty opcode can be emitted w ... |
| CVE-2020-16044 | Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowe ... |
| CVE-2020-16042 | Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed ... |
| CVE-2020-16012 | Side-channel information leakage in graphics in Google Chrome prior to ... |
| CVE-2020-15969 | Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowe ... |
| CVE-2020-15685 | |
| CVE-2020-15683 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2020-15678 | When recursing through graphical layers while scrolling, an iterator m ... |
| CVE-2020-15677 | By exploiting an Open Redirect vulnerability on a website, an attacker ... |
| CVE-2020-15676 | Firefox sometimes ran the onload handler for SVG elements that the DOM ... |
| CVE-2020-15673 | Mozilla developers reported memory safety bugs present in Firefox 80 a ... |
| CVE-2020-15669 | When aborting an operation, such as a fetch, an abort signal may be de ... |
| CVE-2020-15664 | By holding a reference to the eval() function from an about:blank wind ... |
| CVE-2020-15663 | If Firefox is installed to a user-writable directory, the Mozilla Main ... |
| CVE-2020-15659 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2020-15658 | The code for downloading files did not properly take care of special c ... |
| CVE-2020-15657 | Firefox could be made to load attacker-supplied DLL files from the ins ... |
| CVE-2020-15656 | JIT optimizations involving the Javascript arguments object could conf ... |
| CVE-2020-15655 | A redirected HTTP request which is observed or modified through a web ... |
| CVE-2020-15654 | When in an endless loop, a website specifying a custom cursor using CS ... |
| CVE-2020-15653 | An iframe sandbox element with the allow-popups flag could be bypassed ... |
| CVE-2020-15652 | By observing the stack trace for JavaScript errors in web workers, it ... |
| CVE-2020-15646 | If an attacker intercepts Thunderbird's initial attempt to perform aut ... |
| CVE-2020-12421 | When performing add-on updates, certificate chains terminating in non- ... |
| CVE-2020-12420 | When trying to connect to a STUN server, a race condition could have c ... |
| CVE-2020-12419 | When processing callbacks that occurred during window flushing in the ... |
| CVE-2020-12418 | Manipulating individual parts of a URL object could have caused an out ... |
| CVE-2020-12417 | Due to confusion about ValueTags on JavaScript Objects, an object may ... |
| CVE-2020-12410 | Mozilla developers reported memory safety bugs present in Firefox 76 a ... |
| CVE-2020-12406 | Mozilla Developer Iain Ireland discovered a missing type check during ... |
| CVE-2020-12405 | When browsing a malicious page, a race condition in our SharedWorkerSe ... |
| CVE-2020-12399 | NSS has shown timing differences when performing DSA signatures, which ... |
| CVE-2020-12398 | If Thunderbird is configured to use STARTTLS for an IMAP server, and t ... |
| CVE-2020-12397 | By encoding Unicode whitespace characters within the From email header ... |
| CVE-2020-12395 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2020-12393 | The 'Copy as cURL' feature of Devtools' network tab did not properly e ... |
| CVE-2020-12392 | The 'Copy as cURL' feature of Devtools' network tab did not properly e ... |
| CVE-2020-12387 | A race condition when running shutdown code for Web Worker led to a us ... |
| CVE-2020-6831 | A buffer overflow could occur when parsing and validating SCTP chunks ... |
| CVE-2020-6825 | Mozilla developers and community members Tyson Smith and Christian Hol ... |
| CVE-2020-6822 | On 32-bit builds, an out of bounds write could have occurred when proc ... |
| CVE-2020-6821 | When reading from areas partially or fully outside the source resource ... |
| CVE-2020-6820 | Under certain conditions, when handling a ReadableStream, a race condi ... |
| CVE-2020-6819 | Under certain conditions, when running the nsDocShell destructor, a ra ... |
| CVE-2020-6814 | Mozilla developers reported memory safety bugs present in Firefox and ... |
| CVE-2020-6812 | The first time AirPods are connected to an iPhone, they become named a ... |
| CVE-2020-6811 | The 'Copy as cURL' feature of Devtools' network tab did not properly e ... |
| CVE-2020-6807 | When a device was changed while a stream was about to be destroyed, th ... |
| CVE-2020-6806 | By carefully crafting promise resolutions, it was possible to cause an ... |
| CVE-2020-6805 | When removing data about an origin whose tab was recently closed, a us ... |
| CVE-2020-6800 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2020-6798 | If a template tag was used in a select tag, the parser could be confus ... |
| CVE-2020-6797 | By downloading a file with the .fileloc extension, a semi-privileged e ... |
| CVE-2020-6795 | When processing a message that contains multiple S/MIME signatures, a ... |
| CVE-2020-6794 | If a user saved passwords before Thunderbird 60 and then later set a m ... |
| CVE-2020-6793 | When processing an email message with an ill-formed envelope, Thunderb ... |
| CVE-2020-6792 | When deriving an identifier for an email message, uninitialized memory ... |
| CVE-2020-6514 | Inappropriate implementation in WebRTC in Google Chrome prior to 84.0. ... |
| CVE-2020-6463 | Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowe ... |
| CVE-2019-20503 | usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ... |
| CVE-2019-17026 | Incorrect alias information in IonMonkey JIT compiler for setting arra ... |
| CVE-2019-17024 | Mozilla developers reported memory safety bugs present in Firefox 71 a ... |
| CVE-2019-17022 | When pasting a &lt;style&gt; tag from the clipboard into a ric ... |
| CVE-2019-17021 | During the initialization of a new content process, a race condition o ... |
| CVE-2019-17017 | Due to a missing case handling object types, a type confusion vulnerab ... |
| CVE-2019-17016 | When pasting a &lt;style&gt; tag from the clipboard into a ric ... |
| CVE-2019-17015 | During the initialization of a new content process, a pointer offset c ... |
| CVE-2019-17012 | Mozilla developers reported memory safety bugs present in Firefox 70 a ... |
| CVE-2019-17011 | Under certain conditions, when retrieving a document from a DocShell i ... |
| CVE-2019-17010 | Under certain conditions, when checking the Resist Fingerprinting pref ... |
| CVE-2019-17009 | When running, the updater service wrote status and log files to an unr ... |
| CVE-2019-17008 | When using nested workers, a use-after-free could occur during worker ... |
| CVE-2019-17005 | The plain text serializer used a fixed-size array for the number of &l ... |
| CVE-2019-15903 | In libexpat before 2.2.8, crafted XML input could fool the parser into ... |
| CVE-2019-13722 | Inappropriate implementation in WebRTC in Google Chrome prior to 79.0. ... |
| CVE-2019-11764 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2019-11763 | Failure to correctly handle null bytes when processing HTML entities r ... |
| CVE-2019-11762 | If two same-origin documents set document.domain differently to become ... |
| CVE-2019-11761 | By using a form with a data URI it was possible to gain access to the ... |
| CVE-2019-11760 | A fixed-size stack buffer could overflow in nrappkit when doing WebRTC ... |
| CVE-2019-11759 | An attacker could have caused 4 bytes of HMAC output to be written pas ... |
| CVE-2019-11758 | Mozilla community member Philipp reported a memory safety bug present ... |
| CVE-2019-11757 | When following the value's prototype chain, it was possible to retain ... |
| CVE-2019-11755 | A crafted S/MIME message consisting of an inner encryption layer and a ... |
| CVE-2019-11752 | It is possible to delete an IndexedDB key value and subsequently try t ... |
| CVE-2019-11746 | A use-after-free vulnerability can occur while manipulating video elem ... |
| CVE-2019-11744 | Some HTML elements, such as &lt;title&gt; and &lt;textarea ... |
| CVE-2019-11743 | Navigation events were not fully adhering to the W3C's "Navigation-Tim ... |
| CVE-2019-11742 | A same-origin policy violation occurs allowing the theft of cross-orig ... |
| CVE-2019-11740 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2019-11739 | Encrypted S/MIME parts in a crafted multipart/alternative message can ... |
| CVE-2019-11730 | A vulnerability exists where if a user opens a locally saved HTML file ... |
| CVE-2019-11729 | Empty or malformed p256-ECDH public keys may trigger a segmentation fa ... |
| CVE-2019-11719 | When importing a curve25519 private key in PKCS#8format with leading 0 ... |
| CVE-2019-11717 | A vulnerability exists where the caret ("^") character is improperly e ... |
| CVE-2019-11715 | Due to an error while parsing page content, it is possible for properl ... |
| CVE-2019-11713 | A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/ ... |
| CVE-2019-11712 | POST requests made by NPAPI plugins, such as Flash, that receive a sta ... |
| CVE-2019-11711 | When an inner window is reused, it does not consider the use of docume ... |
| CVE-2019-11709 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2019-11708 | Insufficient vetting of parameters passed with the Prompt:Open IPC mes ... |
| CVE-2019-11707 | A type confusion vulnerability can occur when manipulating JavaScript ... |
| CVE-2019-11706 | A flaw in Thunderbird's implementation of iCal causes a type confusion ... |
| CVE-2019-11705 | A flaw in Thunderbird's implementation of iCal causes a stack buffer o ... |
| CVE-2019-11704 | A flaw in Thunderbird's implementation of iCal causes a heap buffer ov ... |
| CVE-2019-11703 | A flaw in Thunderbird's implementation of iCal causes a heap buffer ov ... |
| CVE-2019-11698 | If a crafted hyperlink is dragged and dropped to the bookmark bar or s ... |
| CVE-2019-11694 | A vulnerability exists in the Windows sandbox where an uninitialized v ... |
| CVE-2019-11693 | The bufferdata function in WebGL is vulnerable to a buffer overflow wi ... |
| CVE-2019-11692 | A use-after-free vulnerability can occur when listeners are removed fr ... |
| CVE-2019-11691 | A use-after-free vulnerability can occur when working with XMLHttpRequ ... |
| CVE-2019-9820 | A use-after-free vulnerability can occur in the chrome event handler w ... |
| CVE-2019-9819 | A vulnerability where a JavaScript compartment mismatch can occur whil ... |
| CVE-2019-9818 | A race condition is present in the crash generation server used to gen ... |
| CVE-2019-9817 | Images from a different domain can be read using a canvas object in so ... |
| CVE-2019-9816 | A possible vulnerability exists where type confusion can occur when ma ... |
| CVE-2019-9815 | If hyperthreading is not disabled, a timing attack vulnerability exist ... |
| CVE-2019-9811 | As part of a winning Pwn2Own entry, a researcher demonstrated a sandbo ... |
| CVE-2019-9801 | Firefox will accept any registered Program ID as an external protocol ... |
| CVE-2019-9800 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2019-9797 | Cross-origin images can be read in violation of the same-origin policy ... |
| CVE-2019-9796 | A use-after-free vulnerability can occur when the SMIL animation contr ... |
| CVE-2019-9795 | A vulnerability where type-confusion in the IonMonkey just-in-time (JI ... |
| CVE-2019-9794 | A vulnerability was discovered where specific command line arguments a ... |
| CVE-2019-9793 | A mechanism was discovered that removes some bounds checking for strin ... |
| CVE-2019-9792 | The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTI ... |
| CVE-2019-9791 | The type inference system allows the compilation of functions that can ... |
| CVE-2019-9790 | A use-after-free vulnerability can occur when a raw pointer to a DOM e ... |
| CVE-2019-9788 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2019-7317 | png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after- ... |
| CVE-2019-5798 | Lack of correct bounds checking in Skia in Google Chrome prior to 73.0 ... |
| CVE-2019-5785 | Incorrect convexity calculations in Skia in Google Chrome prior to 72. ... |
| CVE-2018-18513 | A crash can occur when processing a crafted S/MIME message or an XPI p ... |
| CVE-2018-18512 | A use-after-free vulnerability can occur while playing a sound notific ... |
| CVE-2018-18511 | Cross-origin images can be read from a canvas element in violation of ... |
| CVE-2018-18509 | A flaw during verification of certain S/MIME signatures causes emails ... |
| CVE-2018-18506 | When proxy auto-detection is enabled, if a web server serves a Proxy A ... |
| CVE-2018-18505 | An earlier fix for an Inter-process Communication (IPC) vulnerability, ... |
| CVE-2018-18501 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2018-18500 | A use-after-free vulnerability can occur while parsing an HTML5 stream ... |
| CVE-2018-18499 | A same-origin policy violation allowing the theft of cross-origin URL ... |
| CVE-2018-18498 | A potential vulnerability leading to an integer overflow can occur dur ... |
| CVE-2018-18494 | A same-origin policy violation allowing the theft of cross-origin URL ... |
| CVE-2018-18493 | A buffer overflow can occur in the Skia library during buffer offset c ... |
| CVE-2018-18492 | A use-after-free vulnerability can occur after deleting a selection el ... |
| CVE-2018-18356 | An integer overflow in path handling lead to a use after free in Skia ... |
| CVE-2018-18335 | Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 al ... |
| CVE-2018-17466 | Incorrect texture handling in Angle in Google Chrome prior to 70.0.353 ... |
| CVE-2018-12405 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2018-12393 | A potential vulnerability was found in 32-bit builds where an integer ... |
| CVE-2018-12392 | When manipulating user events in nested loops while opening a document ... |
| CVE-2018-12391 | During HTTP Live Stream playback on Firefox for Android, audio data ca ... |
| CVE-2018-12390 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2018-12389 | Mozilla developers and community members reported memory safety bugs p ... |
| CVE-2018-12385 | A potentially exploitable crash in TransportSecurityInfo used for SSL ... |
| CVE-2018-12383 | If a user saved passwords before Firefox 58 and then later set a maste ... |
| CVE-2018-12379 | When the Mozilla Updater opens a MAR format file which contains a very ... |
| CVE-2018-12378 | A use-after-free vulnerability can occur when an IndexedDB index is de ... |
| CVE-2018-12377 | A use-after-free vulnerability can occur when refresh driver timers ar ... |
| CVE-2018-12376 | Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of ... |
| CVE-2018-12374 | Plaintext of decrypted emails can leak through by user submitting an e ... |
| CVE-2018-12373 | dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can ... |
| CVE-2018-12372 | Decrypted S/MIME parts, when included in HTML crafted for an attack, c ... |
| CVE-2018-12371 | An integer overflow vulnerability in the Skia library when allocating ... |
| CVE-2018-12368 | Windows 10 does not warn users before opening executable files with th ... |
| CVE-2018-12367 | In the previous mitigations for Spectre, the resolution or precision o ... |
| CVE-2018-12366 | An invalid grid size during QCMS (color profile) transformations can r ... |
| CVE-2018-12365 | A compromised IPC child process can escape the content sandbox and lis ... |
| CVE-2018-12364 | NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin r ... |
| CVE-2018-12363 | A use-after-free vulnerability can occur when script uses mutation eve ... |
| CVE-2018-12362 | An integer overflow can occur during graphics operations done by the S ... |
| CVE-2018-12361 | An integer overflow can occur in the SwizzleData code while calculatin ... |
| CVE-2018-12360 | A use-after-free vulnerability can occur when deleting an input elemen ... |
| CVE-2018-12359 | A buffer overflow can occur when rendering canvas content while adjust ... |
| CVE-2018-5188 | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ... |
| CVE-2018-5187 | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of t ... |
| CVE-2018-5185 | Plaintext of decrypted emails can leak through by user submitting an e ... |
| CVE-2018-5184 | Using remote content in encrypted messages can lead to the disclosure ... |
| CVE-2018-5183 | Mozilla developers backported selected changes in the Skia library. Th ... |
| CVE-2018-5178 | A buffer overflow was found during UTF8 to Unicode string conversion w ... |
| CVE-2018-5174 | In the Windows 10 April 2018 Update, Windows Defender SmartScreen hono ... |
| CVE-2018-5170 | It is possible to spoof the filename of an attachment and display an a ... |
| CVE-2018-5168 | Sites can bypass security checks on permissions to install lightweight ... |
| CVE-2018-5162 | Plaintext of decrypted emails can leak through the src attribute of re ... |
| CVE-2018-5161 | Crafted message headers can cause a Thunderbird process to hang on rec ... |
| CVE-2018-5159 | An integer overflow can occur in the Skia library due to 32-bit intege ... |
| CVE-2018-5156 | A vulnerability can occur when capturing a media stream when the media ... |
| CVE-2018-5155 | A use-after-free vulnerability can occur while adjusting layout during ... |
| CVE-2018-5154 | A use-after-free vulnerability can occur while enumerating attributes ... |
| CVE-2018-5150 | Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and ... |
| CVE-2018-5146 | An out of bounds memory write while processing Vorbis audio data was r ... |
| CVE-2018-5145 | Memory safety bugs were reported in Firefox ESR 52.6. These bugs showe ... |
| CVE-2018-5144 | An integer overflow can occur during conversion of text to some Unicod ... |
| CVE-2018-5129 | A lack of parameter validation on IPC messages results in a potential ... |
| CVE-2018-5127 | A buffer overflow can occur when manipulating the SVG "animatedPathSeg ... |
| CVE-2018-5125 | Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. S ... |
| CVE-2018-5117 | If right-to-left text is used in the addressbar with left-to-right ali ... |
| CVE-2018-5104 | A use-after-free vulnerability can occur during font face manipulation ... |
| CVE-2018-5103 | A use-after-free vulnerability can occur during mouse event handling d ... |
| CVE-2018-5102 | A use-after-free vulnerability can occur when manipulating HTML media ... |
| CVE-2018-5099 | A use-after-free vulnerability can occur when the widget listener is h ... |
| CVE-2018-5098 | A use-after-free vulnerability can occur when form input elements, foc ... |
| CVE-2018-5097 | A use-after-free vulnerability can occur during XSL transformations wh ... |
| CVE-2018-5096 | A use-after-free vulnerability can occur while editing events in form ... |
| CVE-2018-5095 | An integer overflow vulnerability in the Skia library when allocating ... |
| CVE-2018-5089 | Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. S ... |
| CVE-2017-16541 | Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to ... |
| CVE-2017-7848 | RSS fields can inject new lines into the created email structure, modi ... |
| CVE-2017-7847 | Crafted CSS in an RSS feed can leak and reveal local path strings, whi ... |
| CVE-2017-7846 | It is possible to execute JavaScript in the parsed RSS feed when RSS f ... |
| CVE-2017-7845 | A buffer overflow occurs when drawing and validating elements using Di ... |
| CVE-2017-7830 | The Resource Timing API incorrectly revealed navigations in cross-orig ... |
| CVE-2017-7829 | It is possible to spoof the sender's email address and display an arbi ... |
| CVE-2017-7828 | A use-after-free vulnerability can occur when flushing and resizing la ... |
| CVE-2017-7826 | Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. S ... |
| CVE-2017-7824 | A buffer overflow occurs when drawing and validating elements with the ... |
| CVE-2017-7823 | The content security policy (CSP) "sandbox" directive did not create a ... |
| CVE-2017-7819 | A use-after-free vulnerability can occur in design mode when image obj ... |
| CVE-2017-7818 | A use-after-free vulnerability can occur when manipulating arrays of A ... |
| CVE-2017-7814 | File downloads encoded with "blob:" and "data:" URL elements bypassed ... |
| CVE-2017-7810 | Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. S ... |
| CVE-2017-7805 | During TLS 1.2 exchanges, handshake hashes are generated which point t ... |
| CVE-2017-7793 | A use-after-free vulnerability can occur in the Fetch API when the wor ... |
| CVE-2016-5824 | libical 1.0 allows remote attackers to cause a denial of service (use- ... |
| CVE-2006-4571 | Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunde ... |
| CVE-2006-4570 | Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "L ... |
| CVE-2006-4569 | The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked ... |
| CVE-2006-4568 | Mozilla Firefox before 1.5.0.7 and SeaMonkey before 1.0.5 allows remot ... |
| CVE-2006-4567 | Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it ... |
| CVE-2006-4566 | Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMon ... |
| CVE-2006-4565 | Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderb ... |
| CVE-2006-4340 | Mozilla Network Security Service (NSS) library before 3.11.3, as used ... |
| CVE-2006-4253 | Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allow ... |
| CVE-2006-3812 | Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... |
| CVE-2006-3811 | Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbir ... |
| CVE-2006-3810 | Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before ... |
| CVE-2006-3809 | Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... |
| CVE-2006-3808 | Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remot ... |
| CVE-2006-3807 | Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... |
| CVE-2006-3806 | Multiple integer overflows in the Javascript engine in Mozilla Firefox ... |
| CVE-2006-3805 | The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird b ... |
| CVE-2006-3804 | Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and S ... |
| CVE-2006-3803 | Race condition in the JavaScript garbage collection in Mozilla Firefox ... |
| CVE-2006-3802 | Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMon ... |
| CVE-2006-3801 | Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not ... |
| CVE-2006-3677 | Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 allows r ... |
| CVE-2006-3113 | Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and Se ... |
| CVE-2006-2787 | EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows ... |
| CVE-2006-2786 | HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbi ... |
| CVE-2006-2783 | Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte- ... |
| CVE-2006-2781 | Double free vulnerability in nsVCard.cpp in Mozilla Thunderbird before ... |
| CVE-2006-2780 | Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 all ... |
| CVE-2006-2779 | Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers ... |
| CVE-2006-2778 | The crypto.signText function in Mozilla Firefox and Thunderbird before ... |
| CVE-2006-2776 | Certain privileged UI code in Mozilla Firefox and Thunderbird before 1 ... |
| CVE-2006-2775 | Mozilla Firefox and Thunderbird before 1.5.0.4 associates XUL attribut ... |
| CVE-2006-1942 | Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Ne ... |
| CVE-2006-1790 | A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to c ... |
| CVE-2006-1742 | The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1. ... |
| CVE-2006-1741 | Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ... |
| CVE-2006-1740 | Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite b ... |
| CVE-2006-1739 | The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x b ... |
| CVE-2006-1738 | Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ... |
| CVE-2006-1737 | Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and ... |
| CVE-2006-1735 | Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ... |
| CVE-2006-1734 | Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ... |
| CVE-2006-1733 | Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ... |
| CVE-2006-1732 | Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ... |
| CVE-2006-1731 | Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, ... |
| CVE-2006-1730 | Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ... |
| CVE-2006-1728 | Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ... |
| CVE-2006-1727 | Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x befor ... |
| CVE-2006-1726 | Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0. ... |
| CVE-2006-1724 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1 ... |
| CVE-2006-1723 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ... |
| CVE-2006-1531 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ... |
| CVE-2006-1530 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ... |
| CVE-2006-1529 | Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, a ... |
| CVE-2006-1045 | The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block load ... |
| CVE-2006-0884 | The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbi ... |
| CVE-2006-0749 | nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1. ... |
| CVE-2006-0748 | Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1. ... |
| CVE-2006-0299 | The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ... |
| CVE-2006-0298 | The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ... |
| CVE-2006-0297 | Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ... |
| CVE-2006-0296 | The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, a ... |
| CVE-2006-0295 | Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ... |
| CVE-2006-0294 | Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ... |
| CVE-2006-0292 | The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before ... |
| CVE-2005-2353 | run-mozilla.sh in Thunderbird, with debugging enabled, allows local us ... |