CVE-2014-1549
- EPSS 5.64%
- Veröffentlicht 23.07.2014 11:12:42
- Zuletzt bearbeitet 06.05.2026 22:30:45
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or caus...
- EPSS 4.9%
- Veröffentlicht 23.07.2014 11:12:42
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Au...
- EPSS 4.91%
- Veröffentlicht 11.06.2014 10:57:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap m...
- EPSS 2.15%
- Veröffentlicht 11.06.2014 10:57:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript...
- EPSS 3.75%
- Veröffentlicht 11.06.2014 10:57:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code o...
CVE-2014-1530
- EPSS 1.67%
- Veröffentlicht 30.04.2014 10:49:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si...
CVE-2014-1531
- EPSS 5.59%
- Veröffentlicht 30.04.2014 10:49:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co...
CVE-2014-1532
- EPSS 4.65%
- Veröffentlicht 30.04.2014 10:49:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a...
CVE-2014-1518
- EPSS 5.98%
- Veröffentlicht 30.04.2014 10:49:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app...
CVE-2014-1523
- EPSS 3.16%
- Veröffentlicht 30.04.2014 10:49:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and applicat...