CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mozilla » Firefox : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2020-15667 434 Exec Code Overflow Mem. Corr. 2020-10-01 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controlled signing key. This vulnerability affects Firefox < 80.
52 CVE-2020-12409 2020-07-09 2020-07-13
6.8
None Remote Medium Not required Partial Partial Partial
When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. This vulnerability affects Firefox < 77.
53 CVE-2020-12387 362 2020-05-26 2021-12-14
6.8
None Remote Medium Not required Partial Partial Partial
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
54 CVE-2020-6822 787 2020-04-24 2020-05-01
6.8
None Remote Medium Not required Partial Partial Partial
On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75.
55 CVE-2020-6820 415 2020-04-24 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
56 CVE-2020-6819 416 2020-04-24 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.
57 CVE-2020-6811 74 Exec Code 2020-03-25 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
58 CVE-2020-6807 416 Exec Code 2020-03-25 2020-04-22
6.8
None Remote Medium Not required Partial Partial Partial
When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
59 CVE-2020-6806 125 Mem. Corr. 2020-03-25 2020-04-22
6.8
None Remote Medium Not required Partial Partial Partial
By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
60 CVE-2020-6805 416 2020-03-25 2020-04-22
6.8
None Remote Medium Not required Partial Partial Partial
When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.
61 CVE-2020-6801 787 Mem. Corr. 2020-03-02 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73.
62 CVE-2020-6800 787 Mem. Corr. 2020-03-02 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.
63 CVE-2020-6796 787 Mem. Corr. 2020-03-02 2020-03-12
6.8
None Remote Medium Not required Partial Partial Partial
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5.
64 CVE-2019-17026 843 2020-03-02 2021-05-13
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.
65 CVE-2019-17025 787 Mem. Corr. 2020-01-08 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72.
66 CVE-2019-17024 120 Mem. Corr. 2020-01-08 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
67 CVE-2019-17017 843 2020-01-08 2020-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
68 CVE-2019-17013 120 Mem. Corr. 2020-01-08 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71.
69 CVE-2019-17012 120 Mem. Corr. 2020-01-08 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
70 CVE-2019-17008 416 2020-01-08 2020-01-16
6.8
None Remote Medium Not required Partial Partial Partial
When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
71 CVE-2019-17005 120 Overflow Mem. Corr. 2020-01-08 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
72 CVE-2019-11764 787 Mem. Corr. 2020-01-08 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
73 CVE-2019-11760 787 Overflow 2020-01-08 2020-03-14
6.8
None Remote Medium Not required Partial Partial Partial
A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
74 CVE-2019-11759 120 Exec Code 2020-01-08 2020-03-14
6.8
None Remote Medium Not required Partial Partial Partial
An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
75 CVE-2019-11758 119 Overflow Mem. Corr. 2020-01-08 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.
76 CVE-2019-11757 416 2020-01-08 2020-03-14
6.8
None Remote Medium Not required Partial Partial Partial
When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.
77 CVE-2019-11756 416 DoS 2020-01-08 2020-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
78 CVE-2019-11746 416 2019-09-27 2019-10-04
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.
79 CVE-2019-11745 787 2020-01-08 2021-02-19
6.8
None Remote Medium Not required Partial Partial Partial
When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.
80 CVE-2019-11738 276 Bypass 2019-09-27 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.
81 CVE-2019-11712 352 Bypass CSRF 2019-07-23 2019-07-29
6.8
None Remote Medium Not required Partial Partial Partial
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
82 CVE-2019-11711 2019-07-23 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
83 CVE-2019-11696 20 2019-07-23 2019-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability affects Firefox < 67.
84 CVE-2019-9821 416 2019-07-23 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox < 67.
85 CVE-2019-9813 843 2019-04-26 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
86 CVE-2019-9810 119 Overflow 2019-04-26 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
87 CVE-2018-18503 119 Overflow 2019-02-05 2019-02-08
6.8
None Remote Medium Not required Partial Partial Partial
When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.
88 CVE-2018-12406 119 Overflow Mem. Corr. 2019-02-28 2019-03-01
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers and community members reported memory safety bugs present in Firefox 63. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 64.
89 CVE-2018-12388 119 Overflow Mem. Corr. 2019-02-28 2019-03-01
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers and community members reported memory safety bugs present in Firefox 62. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63.
90 CVE-2018-12387 20 2018-10-18 2018-12-06
6.4
None Remote Low Not required Partial None Partial
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
91 CVE-2018-12375 119 Overflow Mem. Corr. 2018-10-18 2018-12-06
6.8
None Remote Medium Not required Partial Partial Partial
Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 62.
92 CVE-2018-12371 190 Overflow 2020-07-09 2020-07-13
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.
93 CVE-2018-12370 352 Bypass CSRF 2018-10-18 2018-12-06
6.8
None Remote Medium Not required Partial Partial Partial
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox < 61.
94 CVE-2018-12364 352 Bypass CSRF 2018-10-18 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
95 CVE-2018-12363 416 2018-10-18 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
96 CVE-2018-12362 190 Overflow 2018-10-18 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
97 CVE-2018-12361 190 Overflow 2018-10-18 2018-12-06
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox ESR < 60.1, and Firefox < 61.
98 CVE-2018-12360 416 2018-10-18 2018-12-03
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
99 CVE-2018-12359 119 Overflow 2018-10-18 2018-12-06
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
100 CVE-2018-5158 94 2018-06-11 2019-03-13
6.8
None Remote Medium Not required Partial Partial Partial
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
Total number of vulnerabilities : 285   Page : 1 2 (This Page)3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.