Mozilla

Firefox

2867 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-5297

  • EPSS 1.91%
  • Published 11.06.2018 21:29:00
  • Last modified 21.11.2024 02:54:01

An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

6.5

CVE-2016-5298

Exploit
  • EPSS 0.64%
  • Published 11.06.2018 21:29:00
  • Last modified 21.11.2024 02:54:01

A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This ...

7.5

CVE-2016-5299

Exploit
  • EPSS 0.87%
  • Published 11.06.2018 21:29:00
  • Last modified 21.11.2024 02:54:01

A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffec...

7.5

CVE-2016-9061

Exploit
  • EPSS 0.87%
  • Published 11.06.2018 21:29:00
  • Last modified 21.11.2024 03:00:31

A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating syst...

3.3

CVE-2016-9062

Exploit
  • EPSS 0.08%
  • Published 11.06.2018 21:29:00
  • Last modified 21.11.2024 03:00:31

Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and o...

9.8

CVE-2016-9063

  • EPSS 1.46%
  • Published 11.06.2018 21:29:00
  • Last modified 21.11.2024 03:00:31

An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.

5.8

CVE-2018-10229

  • EPSS 0.33%
  • Published 04.05.2018 20:29:00
  • Last modified 21.11.2024 03:41:03

A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.

9.8

CVE-2007-5341

  • EPSS 1.63%
  • Published 18.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.

7.5

CVE-2016-10196

Exploit
  • EPSS 0.81%
  • Published 15.03.2017 15:59:00
  • Last modified 20.04.2025 01:37:25

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string ar...

8.8

CVE-2016-5283

  • EPSS 0.1%
  • Published 22.09.2016 22:59:18
  • Last modified 12.04.2025 10:46:40

Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resiz...