Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.32%
  • Veröffentlicht 16.12.2015 11:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a craft...

  • EPSS 5.85%
  • Veröffentlicht 16.12.2015 11:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

  • EPSS 6.02%
  • Veröffentlicht 16.12.2015 11:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod...

  • EPSS 2.14%
  • Veröffentlicht 05.11.2015 05:59:24
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The CryptoKey interface implementation in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers to have an unspecified impact via vectors related to a cryptographic key.

  • EPSS 3.15%
  • Veröffentlicht 05.11.2015 05:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 lack status checking, which allows remote attackers to cause a denial of service (memory corruption)...

  • EPSS 3.22%
  • Veröffentlicht 05.11.2015 05:59:22
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact vi...

  • EPSS 2.54%
  • Veröffentlicht 05.11.2015 05:59:21
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.

  • EPSS 3.66%
  • Veröffentlicht 05.11.2015 05:59:20
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java plugin is enabled, allow remote attackers to cause a denial of service (incorrect garbage collection and application crash) or possibly execute arbitrary code via a crafted Jav...

  • EPSS 2.18%
  • Veröffentlicht 05.11.2015 05:59:19
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped characters in hostnames within Location headers, which allows remote attackers to obtain sensitive information via vectors involving a redirect.

  • EPSS 4.23%
  • Veröffentlicht 05.11.2015 05:59:18
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP archive.