Mozilla

Firefox

3102 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-7201

  • EPSS 1.58%
  • Veröffentlicht 16.12.2015 11:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

7.5

CVE-2015-7200

  • EPSS 2.29%
  • Veröffentlicht 05.11.2015 05:59:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.

7.5

CVE-2015-7199

  • EPSS 2.53%
  • Veröffentlicht 05.11.2015 05:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption)...

7.5

CVE-2015-7198

  • EPSS 3.92%
  • Veröffentlicht 05.11.2015 05:59:22
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact vi...

5

CVE-2015-7197

  • EPSS 1.83%
  • Veröffentlicht 05.11.2015 05:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.

6.8

CVE-2015-7196

  • EPSS 2.44%
  • Veröffentlicht 05.11.2015 05:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Jav...

5

CVE-2015-7195

  • EPSS 0.56%
  • Veröffentlicht 05.11.2015 05:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.

7.5

CVE-2015-7194

  • EPSS 2.61%
  • Veröffentlicht 05.11.2015 05:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.

7.5

CVE-2015-7193

  • EPSS 1.27%
  • Veröffentlicht 05.11.2015 05:59:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypas...

7.5

CVE-2015-7192

  • EPSS 2.66%
  • Veröffentlicht 05.11.2015 05:59:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X improperly interacts with the implementation of the TABLE element, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary cod...