Mozilla

Firefox

2867 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-2814

  • EPSS 2.14%
  • Veröffentlicht 30.04.2016 17:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary cod...

6.5

CVE-2016-2813

  • EPSS 0.47%
  • Veröffentlicht 30.04.2016 17:59:11
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 46.0 on Android does not properly restrict JavaScript access to orientation and motion data, which allows remote attackers to obtain sensitive information about a device's physical environment, and possibly discover PIN values,...

7.5

CVE-2016-2812

  • EPSS 0.59%
  • Veröffentlicht 30.04.2016 17:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application ...

8.8

CVE-2016-2811

  • EPSS 1.74%
  • Veröffentlicht 30.04.2016 17:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox before 46.0 allows remote attackers to execute arbitrary code via vectors related to the BeginReading method.

5

CVE-2016-2810

  • EPSS 0.27%
  • Veröffentlicht 30.04.2016 17:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved passw...

5.8

CVE-2016-2809

  • EPSS 0.39%
  • Veröffentlicht 30.04.2016 17:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.

7.5

CVE-2016-2808

  • EPSS 0.68%
  • Veröffentlicht 30.04.2016 17:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow...

10

CVE-2016-2807

  • EPSS 1.32%
  • Veröffentlicht 30.04.2016 17:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or...

10

CVE-2016-2806

  • EPSS 1.32%
  • Veröffentlicht 30.04.2016 17:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

10

CVE-2016-2805

  • EPSS 0.89%
  • Veröffentlicht 30.04.2016 17:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.