CVE-2015-7178
- EPSS 3.42%
- Veröffentlicht 24.09.2015 04:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2015-7176
- EPSS 4.35%
- Veröffentlicht 24.09.2015 04:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and applicati...
CVE-2015-7177
- EPSS 3.47%
- Veröffentlicht 24.09.2015 04:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vector...
CVE-2015-7175
- EPSS 3.5%
- Veröffentlicht 24.09.2015 04:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via...
CVE-2015-7174
- EPSS 3.5%
- Veröffentlicht 24.09.2015 04:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via...
CVE-2015-4522
- EPSS 3.5%
- Veröffentlicht 24.09.2015 04:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact v...
CVE-2015-4521
- EPSS 3.5%
- Veröffentlicht 24.09.2015 04:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknow...
CVE-2015-4520
- EPSS 3.1%
- Veröffentlicht 24.09.2015 04:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS preflight protection mechanisms by leveraging (1) duplicate cache-key generation or (2) retrieval of a value from an incorrect HTTP Access-Control-* re...
CVE-2015-4519
- EPSS 2.73%
- Veröffentlicht 24.09.2015 04:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to bypass intended access restrictions and discover a redirect's target URL via crafted JavaScript code that executes after a drag-and-drop action of an...
CVE-2015-4517
- EPSS 3.47%
- Veröffentlicht 24.09.2015 04:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.