Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.64%
  • Veröffentlicht 11.06.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:00:31

A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating syst...

Exploit
  • EPSS 0.4%
  • Veröffentlicht 11.06.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:00:31

Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. Note: This issue only affects Firefox for Android. Other versions and o...

  • EPSS 5.74%
  • Veröffentlicht 11.06.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:00:31

An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.

  • EPSS 0.59%
  • Veröffentlicht 04.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:03

A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.

  • EPSS 2.99%
  • Veröffentlicht 18.08.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.

Exploit
  • EPSS 5.21%
  • Veröffentlicht 15.03.2017 15:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string ar...

  • EPSS 1.49%
  • Veröffentlicht 22.09.2016 22:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a crafted fragment identifier in the SRC attribute of an IFRAME element, leading to insufficient restrictions on link-color information after a document is resiz...

  • EPSS 2.37%
  • Veröffentlicht 22.09.2016 22:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X....

  • EPSS 1.61%
  • Veröffentlicht 22.09.2016 22:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource.

  • EPSS 5.04%
  • Veröffentlicht 22.09.2016 22:59:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code a...