VYPR

Firefox

by Mozilla Corporation

Source repositories

CVEs (3,179)

  • CVE-2019-11729HigJul 23, 2019
    risk 0.49cvss 7.5epss 0.03

    Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

  • CVE-2019-11723HigJul 23, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web…

  • CVE-2019-11719HigJul 23, 2019
    risk 0.49cvss 7.5epss 0.02

    When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox <…

  • CVE-2019-11694HigJul 23, 2019
    risk 0.49cvss 7.5epss 0.02

    A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note:…

  • CVE-2019-9809HigApr 26, 2019
    risk 0.49cvss 7.5epss 0.02

    If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DOS)…

  • CVE-2019-9806HigApr 26, 2019
    risk 0.49cvss 7.5epss 0.01

    A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox < 66.

  • CVE-2019-9802HigApr 26, 2019
    risk 0.49cvss 7.5epss 0.01

    If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox…

  • CVE-2019-9799HigApr 26, 2019
    risk 0.49cvss 7.5epss 0.01

    Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox < 66.

  • CVE-2018-5179HigApr 26, 2019
    risk 0.49cvss 7.5epss 0.01

    A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

  • CVE-2018-12401HigFeb 28, 2019
    risk 0.49cvss 7.5epss 0.02

    Some special resource URIs will cause a non-exploitable crash if loaded with optional parameters following a '?' in the parsed string. This could lead to denial of service (DOS) attacks. This vulnerability affects Firefox < 63.

  • CVE-2018-12395HigFeb 28, 2019
    risk 0.49cvss 7.5epss 0.03

    By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox <…

  • CVE-2018-12393HigFeb 28, 2019
    risk 0.49cvss 7.5epss 0.04

    A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible out-of-bounds write. *Note: 64-bit…

  • CVE-2018-5182HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. This is contrary to policy and is what would happen if the string were the equivalent "file:" URL. This…

  • CVE-2018-5181HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. One way to make the target tab open more reliably in a separate process…

  • CVE-2018-5180HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability…

  • CVE-2018-5177HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.04

    A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.

  • CVE-2018-5174HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user…

  • CVE-2018-5166HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.

  • CVE-2018-5160HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    WebRTC can use a "WrappedI420Buffer" pixel buffer but the owning image object can be freed while it is still in use. This can result in the WebRTC encoder using uninitialized memory, leading to a potentially exploitable crash. This vulnerability affects Firefox < 60.

  • CVE-2018-5157HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects…

Page 53 of 159