VYPR

Vendor CVEs

Mozilla Corporation

All CVEs

3,627 total · sorted by risk
  • CVE-2017-7797HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.01

    Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox < 55.

  • CVE-2017-7790HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows…

  • CVE-2017-7787HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

  • CVE-2017-7765HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.01

    The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note:…

  • CVE-2017-7762HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54.

  • CVE-2017-7759HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.01

    Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Android. Other operating systems…

  • CVE-2017-7754HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

  • CVE-2017-5467HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

  • CVE-2017-5455HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.04

    The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and escalation of privilege if combined with another vulnerability that resulted in remote code execution inside the sandboxed process. This vulnerability affects Firefox ESR < 52.1 and…

  • CVE-2017-5454HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects…

  • CVE-2017-5450HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed site and showing an incorrect domain in appended notifications. This…

  • CVE-2017-5449HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53.

  • CVE-2017-5445HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array. This could allow the reading of uninitialized memory into the arrays affected. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9,…

  • CVE-2017-5444HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.07

    A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data. This allows for an out-of-bounds read of data from memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox…

  • CVE-2017-5425HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow access to…

  • CVE-2017-5422HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox < 52 and…

  • CVE-2017-5421HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. This vulnerability affects Firefox < 52 and Thunderbird < 52.

  • CVE-2017-5419HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack. This vulnerability affects Firefox < 52 and Thunderbird < 52.

  • CVE-2017-5416HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    In certain circumstances a networking event listener can be prematurely released. This appears to result in a null dereference in practice. This vulnerability affects Firefox < 52 and Thunderbird < 52.

  • CVE-2017-5412HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.05

    A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52.

  • CVE-2017-5411HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in "libGLES", which is…

  • CVE-2017-5406HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52.

  • CVE-2017-5388HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability…

  • CVE-2017-5385HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    Data sent with in multipart channels, such as the multipart/x-mixed-replace MIME type, will ignore the referrer-policy response header, leading to potential information disclosure for sites using this header. This vulnerability affects Firefox < 51.

  • CVE-2017-5382HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    Feed preview for RSS feeds can be used to capture errors and exceptions generated by privileged content, allowing for the exposure of internal information not meant to be seen by web content. This vulnerability affects Firefox < 51.

  • CVE-2017-5381HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.01

    The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51.

  • CVE-2017-5379HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    Use-after-free vulnerability in Web Animations when interacting with cycle collection found through fuzzing. This vulnerability affects Firefox < 51.

  • CVE-2017-5378HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird <…

  • CVE-2016-9904HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. This could be used to leak information, such as usernames embedded in JavaScript code, across websites. This vulnerability affects…

  • CVE-2016-9902HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.01

    The Pocket toolbar button, once activated, listens for events fired from it's own pages but does not verify the origin of incoming events. This allows content from other origins to fire events and inject content and commands into the Pocket context. Note: this issue does not…

  • CVE-2016-9897HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.03

    Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

  • CVE-2016-9894HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.05

    A buffer overflow in SkiaGl caused when a GrGLBuffer is truncated during allocation. Later writers will overflow the buffer, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.1.

  • CVE-2016-9073HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50.

  • CVE-2016-9072HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.01

    When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.

  • CVE-2016-9068HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50.

  • CVE-2016-9065HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are…

  • CVE-2016-9061HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This…

  • CVE-2016-5299HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.02

    A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability…

  • CVE-2016-5296HigJun 11, 2018
    risk 0.49cvss 7.5epss 0.04

    A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

  • CVE-2017-14875HigMar 30, 2018
    risk 0.49cvss 7.5epss 0.01

    In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.

  • CVE-2017-7502HigMay 30, 2017
    risk 0.49cvss 7.5epss 0.04

    Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

  • CVE-2016-2821HigJun 13, 2016
    risk 0.49cvss 7.5epss 0.03

    Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by…

  • CVE-2016-2812HigApr 30, 2016
    risk 0.49cvss 7.5epss 0.02

    Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site.

  • CVE-2016-2808HigApr 30, 2016
    risk 0.49cvss 7.5epss 0.02

    The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write…

  • CVE-2014-1505HigMar 19, 2014
    risk 0.49cvss 7.5epss 0.04

    The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read…

  • CVE-2014-1487HigFeb 6, 2014
    risk 0.49cvss 7.5epss 0.02

    The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error…

  • CVE-2014-1481HigFeb 6, 2014
    risk 0.49cvss 7.5epss 0.04

    Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines.

  • CVE-2014-1479HigFeb 6, 2014
    risk 0.49cvss 7.5epss 0.05

    The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content…

  • CVE-2009-1837HigJun 12, 2009
    risk 0.49cvss 7.5epss 0.04

    Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free…

  • CVE-2026-4371HigMar 24, 2026
    risk 0.48cvss 7.4epss 0.00

    A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird…

Page 13 of 73