Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-5430 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2018-08-09 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 52, Firefox ESR 52, and Thunderbird 52. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2017-5471 | 1 Mozilla | 1 Firefox | 2018-08-09 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 53. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 54. | |||||
| CVE-2017-5413 | 1 Mozilla | 2 Firefox, Thunderbird | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| A segmentation fault can occur during some bidirectional layout operations. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
| CVE-2017-5412 | 1 Mozilla | 2 Firefox, Thunderbird | 2018-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow read during SVG filter color value operations, resulting in data exposure. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
| CVE-2017-5392 | 2 Google, Mozilla | 2 Android, Firefox | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. Note: This issue only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 51. | |||||
| CVE-2016-9080 | 1 Mozilla | 1 Firefox | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 50.0.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 50.1. | |||||
| CVE-2017-5377 | 1 Mozilla | 1 Firefox | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability in Skia that can occur when using transforms to make gradients, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 51. | |||||
| CVE-2017-5374 | 1 Mozilla | 1 Firefox | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 50.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 51. | |||||
| CVE-2017-5410 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| Memory corruption resulting in a potentially exploitable crash during garbage collection of JavaScript due errors in how incremental sweeping is managed for memory cleanup. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | |||||
| CVE-2017-5400 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | |||||
| CVE-2017-7780 | 1 Mozilla | 1 Firefox | 2018-08-07 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 55. | |||||
| CVE-2017-5406 | 1 Mozilla | 2 Firefox, Thunderbird | 2018-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
| CVE-2015-8277 | 1 Flexerasoftware | 1 Flexnet Publisher | 2018-08-07 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode (a) 0x107 or (b) 0x10a. | |||||
| CVE-2018-5126 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 58. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 59. | |||||
| CVE-2018-3582 | 1 Google | 1 Android | 2018-08-06 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2018-5863 | 1 Google | 1 Android | 2018-08-06 | 4.6 MEDIUM | 7.8 HIGH |
| If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | |||||
| CVE-2018-5851 | 1 Google | 1 Android | 2018-08-03 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2018-5843 | 1 Google | 1 Android | 2018-08-03 | 4.6 MEDIUM | 7.8 HIGH |
| In the function wma_pdev_div_info_evt_handler() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, there is no upper bound check on the value event->num_chains_valid received from firmware which can lead to a buffer overwrite of the fixed size chain_rssi_result structure. | |||||
| CVE-2018-5842 | 1 Google | 1 Android | 2018-08-03 | 4.6 MEDIUM | 7.8 HIGH |
| An arbitrary address write can occur if a compromised WLAN firmware sends incorrect data to WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2018-5151 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-03 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 59. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 60. | |||||