Endpoint Vuln Protection

Name Status Update
World read and write access to app_tmp directory on Android
Add
Firefox
Same-origin bypass through symbolic links
Add
Firefox
WebGL Information disclosure through OS X NVIDIA graphic drivers
Add
Firefox
Shared object library loading from writable location
Add
Firefox
Android Crash Reporter open to manipulation
Add
Firefox
File: protocol links downloaded to SD card by default
Add
Firefox
Clickjacking through cursor invisibility after Flash interaction
Add
Firefox
Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
Add
Thunderbird
Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
Add
Firefox,Firefox ESR
Firefox for Android addressbar can be removed after fullscreen mode
Add
Firefox
Reading sensitive profile files through local HTML file on Android
Add
Firefox
Android intents can be used on Firefox for Android to open privileged files
Add
Firefox
XSS attack through intents on Firefox for Android
Add
Firefox
Crash when accessing HTML tables with accessibility tools on OS X
Add
Firefox
Sensitive URL encoded information written to Android logcat
Add
Firefox
Site attribute spoofing on Android by pasting URL with unknown scheme
Add
Firefox
Addressbar spoofing through stored data url shortcuts on Firefox for Android
Add
Firefox
Delay following click events in file download dialog too short on OS X
Add
Firefox
Lightweight themes on Firefox for Android do not verify a secure connection
Add
Firefox
Linux video memory DOS with Intel drivers
Add
Firefox
Disclosure of user actions through JavaScript with motion and orientation sensors
Add
Firefox
Security patch #74435 available for PHP
Add
PHP
PostgreSQL: lo_put() function ignores ACLs
Add
PostgreSQL
PostgreSQL: pg_user_mappings view discloses passwords to users lacking server privileges
Add
PostgreSQL
PostgreSQL: empty password accepted in some authentication methods
Add
PostgreSQL
Wireshark vulnerability wnpa-sec-2018-06
Add
Wireshark
PostgreSQL: Uncontrolled search path element in pg_dump and other client applications
Add
PostgreSQL
PostgreSQL: pg_upgrade creates file of sensitive metadata under prevailing umask
Add
PostgreSQL
PostgreSQL: Memory disclosure in table partitioning
Add
PostgreSQL
Security patch #66901 available for PHP
Add
PHP
Security patch #73807 available for PHP
Add
PHP
Security patch #74101 available for PHP
Add
PHP
Security patch #74103 available for PHP
Add
PHP
Security patch #74111 available for PHP
Add
PHP
Security patch #74782 available for PHP
Add
PHP
Security patch #75055 available for PHP
Add
PHP
Security patch #75981 available for PHP
Add
PHP
Content provider permission bypass allows malicious application to access data
Add
Firefox
Security vulnerabilities fixed in Firefox 59
Add
Firefox
Security vulnerabilities fixed in Firefox ESR 52.7
Add
Firefox ESR
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows GDI Elevation of Privilege Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows GDI Elevation of Privilege Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Installer Elevation of Privilege Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Security Feature Bypass Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Hyper-V Denial of Service Vulnerability
Add
Windows 10,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: CredSSP Remote Code Execution Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Hyper-V Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Scripting Engine Memory Corruption Vulnerability
Add
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9
Microsoft: Scripting Engine Information Disclosure Vulnerability
Add
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge
Microsoft: Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016
Microsoft: CNG Security Feature Bypass Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft Exchange Information Disclosure Vulnerability
Add
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20,Microsoft Exchange Server 2013 Cumulative Update 18,Microsoft Exchange Server 2013 Cumulative Update 19,Microsoft Exchange Server 2013 Service Pack 1,Microsoft Exchange Server 2016 Cumulative Update 7,Microsoft Exchange Server 2016 Cumulative Update 8
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft Browser Information Disclosure Vulnerability
Add
Internet Explorer 10,Internet Explorer 11,Microsoft Edge
Internet Explorer Information Disclosure Vulnerability
Add
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft Browser Information Disclosure Vulnerability
Add
Internet Explorer 11,Microsoft Edge
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Scripting Engine Memory Corruption Vulnerability
Add
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Scripting Engine Information Disclosure Vulnerability
Add
Microsoft Edge
Microsoft Exchange Elevation of Privilege Vulnerability
Add
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20,Microsoft Exchange Server 2013 Cumulative Update 18,Microsoft Exchange Server 2013 Cumulative Update 19,Microsoft Exchange Server 2013 Service Pack 1,Microsoft Exchange Server 2016 Cumulative Update 7,Microsoft Exchange Server 2016 Cumulative Update 8
Microsoft Exchange Information Disclosure Vulnerability
Add
Microsoft Exchange Server 2016 Cumulative Update 7,Microsoft Exchange Server 2016 Cumulative Update 8
Internet Explorer Elevation of Privilege Vulnerability
Add
Internet Explorer 11
Microsoft: March 2018 Adobe Flash Security Update
Add
Adobe Flash Player on Windows RT 8.1,Windows 10,Windows 8,Windows Server 2012,Windows Server 2016
Microsoft Sharepoint Elevation of Privilege Vulnerability
Add
Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft: Win32k Elevation of Privilege Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Storage Services Elevation of Privilege Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows GDI Elevation of Privilege Vulnerability
Add
Windows 7,Windows Server 2008
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Chakra Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Remote Assistance Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft Edge Information Disclosure Vulnerability
Add
Microsoft Edge
Microsoft: Windows Desktop Bridge Elevation of Privilege Vulnerability
Add
Windows 10,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft Video Control Elevation of Privilege Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft: Windows Desktop Bridge Elevation of Privilege Vulnerability
Add
Windows 10,Windows Server 2016
Microsoft: Windows Shell Remote Code Execution Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft Access Remote Code Execution Vulnerability
Add
Microsoft Access 2010 Service Pack 2 (32-bit editions),Microsoft Access 2010 Service Pack 2 (64-bit editions),Microsoft Access 2013 Service Pack 1 (32-bit editions),Microsoft Access 2013 Service Pack 1 (64-bit editions),Microsoft Access 2016 x64,Microsoft Access 2016 x86,Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft: Windows Kernel Information Disclosure Vulnerability
Add
Windows 10,Windows 7,Windows 8,Windows RT 8.1,Windows Server 2008,Windows Server 2012,Windows Server 2016,Windows Server, version 1709 (Server Core Installation)
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft Office Excel Security Feature Bypass
Add
Microsoft Excel 2007 Service Pack 3,Microsoft Excel 2010 Service Pack 2 (32-bit editions),Microsoft Excel 2010 Service Pack 2 (64-bit editions),Microsoft Excel 2013 RT Service Pack 1,Microsoft Excel 2013 Service Pack 1 (32-bit editions),Microsoft Excel 2013 Service Pack 1 (64-bit editions),Microsoft Excel 2016 x64,Microsoft Excel 2016 x86,Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 for Mac
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft SharePoint Enterprise Server 2016
Microsoft Office Information Disclosure Vulnerability
Add
Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 for Mac,Microsoft Office Online Server 2016,Microsoft Office Web Apps 2010 Service Pack 2,Microsoft Office Web Apps Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Server 2010 Service Pack 2,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft SharePoint Enterprise Server 2016
Microsoft Office Memory Corruption Vulnerability
Add
Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office Compatibility Pack Service Pack 3,Microsoft Office Online Server 2016,Microsoft Office Web Apps 2010 Service Pack 2,Microsoft Office Web Apps 2013 Service Pack 1,Microsoft Office Word Viewer,Microsoft SharePoint Enterprise Server 2013 Service Pack 1,Microsoft SharePoint Server 2010 Service Pack 2,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 (32-bit editions),Microsoft Word 2013 (64-bit editions),Microsoft Word 2013 RT Service Pack 1
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft SharePoint Enterprise Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability
Add
Microsoft Project Server 2013 Service Pack 1,Microsoft SharePoint Enterprise Server 2016
Microsoft: Scripting Engine Information Disclosure Vulnerability
Add
Microsoft Edge
Microsoft Edge Memory Corruption Vulnerability
Add
Internet Explorer 10,Internet Explorer 11,Internet Explorer 9,Microsoft Edge
Microsoft: Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Microsoft: Scripting Engine Memory Corruption Vulnerability
Add
Microsoft Edge
Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2)
Mod
Firefox,Firefox ESR
Use-after-free and buffer overflow issues found using Address Sanitizer
Mod
Firefox,Firefox ESR
Buffer Overflow in Canvas
Mod
Firefox,Firefox ESR
URL spoofing in addressbar during page loads
Mod
Firefox,Firefox ESR
Use-after-free when displaying table with many columns and column groups
Mod
Firefox,Firefox ESR
Crash due to handling of SSL on threads
Mod
Firefox,Firefox ESR
AutoWrapperChanger fails to keep objects alive during garbage collection
Mod
Firefox,Firefox ESR
Compartment mismatch with quickstubs returned values
Mod
Firefox,Firefox ESR
Event manipulation in plugin handler to bypass same-origin policy
Mod
Firefox,Firefox ESR
Miscellaneous use-after-free issues found through ASAN fuzzing
Mod
Firefox,Firefox ESR
Memory corruption in workers
Mod
Firefox,Firefox ESR
Use-after-free in HTML document templates
Mod
Thunderbird
Use-after-free in HTML document templates
Mod
Firefox,Firefox ESR
Miscellaneous Network Security Services (NSS) vulnerabilities
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)
Mod
Firefox,Firefox ESR
Application Installation doorhanger persists on navigation
Mod
Firefox
Character encoding cross-origin XSS attack
Mod
Firefox
Sandbox restrictions not applied to nested object elements
Mod
Firefox
Use-after-free in event listeners
Mod
Thunderbird
Use-after-free in event listeners
Mod
Firefox,Firefox ESR
Use-after-free during Table Editing
Mod
Thunderbird
Use-after-free during Table Editing
Mod
Firefox,Firefox ESR
Address space layout leaked in XBL objects
Mod
Firefox,Firefox ESR
Potential overflow in JavaScript binary search algorithms
Mod
Firefox
Segmentation violation when replacing ordered list elements
Mod
Thunderbird
Segmentation violation when replacing ordered list elements
Mod
Firefox,Firefox ESR
Linux clipboard information disclosure though selection paste
Mod
Firefox
Trust settings for built-in roots ignored during EV certificate validation
Mod
Thunderbird
Trust settings for built-in roots ignored during EV certificate validation
Mod
Firefox,Firefox ESR
Use-after-free in synthetic mouse movement
Mod
Thunderbird
Use-after-free in synthetic mouse movement
Mod
Firefox,Firefox ESR
GetElementIC typed array stubs can be generated outside observed typesets
Mod
Thunderbird
GetElementIC typed array stubs can be generated outside observed typesets
Mod
Firefox,Firefox ESR
JPEG information leak
Mod
Thunderbird
JPEG information leak
Mod
Firefox,Firefox ESR
Mis-issued ANSSI/DCSSI certificate
Mod
Thunderbird
Mis-issued ANSSI/DCSSI certificate
Mod
Firefox,Firefox ESR
Buffer overflow in Javascript string concatenation
Mod
Firefox,Firefox ESR
Memory corruption in XBL with XML bindings containing SVG
Mod
Firefox,Firefox ESR
Chrome Object Wrapper (COW) bypass through changing prototype
Mod
Firefox,Firefox ESR
Privilege escalation through plugin objects
Mod
Firefox,Firefox ESR
Use-after-free in serializeToStream
Mod
Firefox,Firefox ESR
Use-after-free in ListenerManager
Mod
Firefox,Firefox ESR
Use-after-free in Vibrate
Mod
Firefox,Firefox ESR
Use-after-free in Javascript Proxy objects
Mod
Firefox,Firefox ESR
Mis-issued TURKTRUST certificates
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)
Mod
Firefox,Firefox ESR
Out-of-bounds read in image rendering
Mod
Firefox
Wrapped WebIDL objects can be wrapped again
Mod
Firefox
Web content bypass of COW and SOW security wrappers
Mod
Firefox,Firefox ESR
Privacy leak in JavaScript Workers
Mod
Firefox,Firefox ESR
Use-after-free in nsImageLoadingContent
Mod
Firefox,Firefox ESR
Phishing on HTTPS connection through malicious proxy
Mod
Firefox,Firefox ESR
Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
Mod
Firefox,Firefox ESR
Use-after-free in HTML Editor
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
Mod
Firefox,Firefox ESR
Out-of-bounds write in Cairo library
Mod
Firefox,Firefox ESR
Privilege escalation through Mozilla Maintenance Service
Mod
Firefox,Firefox ESR
Privilege escalation through Mozilla Updater
Mod
Firefox,Firefox ESR
Bypass of SOW protections allows cloning of protected nodes
Mod
Firefox,Firefox ESR
Bypass of tab-modal dialog origin disclosure
Mod
Firefox
Cross-site scripting (XSS) using timed history navigations
Mod
Firefox,Firefox ESR
Memory corruption while rendering grayscale PNG images
Mod
Firefox
Out-of-bounds array read in CERT_DecodeCertPackage
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
Mod
Firefox,Firefox ESR
Privileged access for content level constructor
Mod
Firefox,Firefox ESR
File input control has access to full path
Mod
Firefox
Local privilege escalation through Mozilla Maintenance Service
Mod
Firefox,Firefox ESR
Mozilla Updater fails to update some Windows Registry entries
Mod
Firefox
Use-after-free with video and onresize event
Mod
Firefox,Firefox ESR
Uninitialized functions in DOMSVGZoomEvent
Mod
Firefox,Firefox ESR
Memory corruption found using Address Sanitizer
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
Mod
Firefox,Firefox ESR
Memory corruption found using Address Sanitizer
Mod
Firefox,Firefox ESR
Privileged content access and execution via XBL
Mod
Firefox,Firefox ESR
Arbitrary code execution within Profiler
Mod
Firefox
Execution of unmapped memory through onreadystatechange event
Mod
Firefox,Firefox ESR
Data in the body of XHR HEAD requests leads to CSRF attacks
Mod
Firefox,Firefox ESR
SVG filters can lead to information disclosure
Mod
Firefox,Firefox ESR
PreserveWrapper has inconsistent behavior
Mod
Firefox,Firefox ESR
Sandbox restrictions not applied to nested frame elements
Mod
Firefox
X-Frame-Options ignored when using server push with multi-part responses
Mod
Firefox
XrayWrappers can be bypassed to run user defined methods in a privileged context
Mod
Firefox,Firefox ESR
getUserMedia permission dialog incorrectly displays location
Mod
Firefox
Homograph domain spoofing in .com, .net and .name
Mod
Firefox
Inaccessible updater can lead to local privilege escalation
Mod
Firefox
Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
Mod
Firefox,Firefox ESR
Use after free mutating DOM during SetBody
Mod
Firefox
Buffer underflow when generating CRMF requests
Mod
Firefox
Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
Mod
Firefox,Firefox ESR
Crash during WAV audio file decoding
Mod
Firefox
Document URI misrepresentation and masquerading
Mod
Firefox,Firefox ESR
CRMF requests allow for code execution and XSS attacks
Mod
Firefox,Firefox ESR
Bypass of XrayWrappers using XBL Scopes
Mod
Firefox
Further Privilege escalation through Mozilla Updater
Mod
Firefox,Firefox ESR
Wrong principal used for validating URI for some Javascript components
Mod
Firefox,Firefox ESR
Same-origin bypass with web workers and XMLHttpRequest
Mod
Firefox,Firefox ESR
Firefox full and stub installer DLL hijacking
Mod
Firefox
Local Java applets may read contents of local file system
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
Mod
Firefox,Firefox ESR
Improper state in HTML5 Tree Builder with templates
Mod
Thunderbird
Improper state in HTML5 Tree Builder with templates
Mod
Firefox
Integer overflow in ANGLE library
Mod
Firefox
Use-after-free in Animation Manager during stylesheet cloning
Mod
Firefox,Firefox ESR
NativeKey continues handling key messages after widget is destroyed
Mod
Thunderbird
NativeKey continues handling key messages after widget is destroyed
Mod
Firefox
Use-after-free with select element
Mod
Thunderbird
Use-after-free with select element
Mod
Firefox
Calling scope for new Javascript objects can lead to memory corruption
Mod
Firefox,Firefox ESR
Mozilla Updater does not lock MAR file after signature verification
Mod
Firefox,Firefox ESR
Uninitialized data in IonMonkey
Mod
Thunderbird
Uninitialized data in IonMonkey
Mod
Firefox
Compartment mismatch re-attaching XBL-backed nodes
Mod
Firefox,Firefox ESR
Buffer overflow with multi-column, lists, and floats
Mod
Firefox,Firefox ESR
Memory corruption involving scrolling
Mod
Firefox,Firefox ESR
User-defined properties on DOM proxies get the wrong "this" object
Mod
Firefox,Firefox ESR
GC hazard with default compartments and frame chain restoration
Mod
Thunderbird
GC hazard with default compartments and frame chain restoration
Mod
Firefox
Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)
Mod
Firefox,Firefox ESR
Spoofing addressbar though SELECT element
Mod
Thunderbird
Spoofing addressbar though SELECT element
Mod
Firefox,Firefox ESR
Access violation with XSLT and uninitialized data
Mod
Firefox,Firefox ESR
Improperly initialized memory and overflows in some JavaScript functions
Mod
Firefox,Firefox ESR
Writing to cycle collected object during image decoding
Mod
Thunderbird
Writing to cycle collected object during image decoding
Mod
Firefox,Firefox ESR
Use-after-free when updating offline cache
Mod
Firefox,Firefox ESR
Security bypass of PDF.js checks using iframes
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Mod
Firefox,Firefox ESR
Clone protected content with XBL scopes
Mod
Thunderbird
Clone protected content with XBL scopes
Mod
Firefox,Firefox ESR
UI selection timeout missing on download prompts
Mod
Firefox
Incorrect use of discarded images by RasterImage
Mod
Thunderbird
Incorrect use of discarded images by RasterImage
Mod
Firefox,Firefox ESR
Information disclosure with *FromPoint on iframes
Mod
Firefox
Profile path leaks to Android system log
Mod
Firefox
XSLT stylesheets treated as styles in Content Security Policy
Mod
Firefox
Use-after-free with imgRequestProxy and image proccessing
Mod
Thunderbird
Use-after-free with imgRequestProxy and image proccessing
Mod
Firefox,Firefox ESR
Cross-origin information leak through web workers
Mod
Thunderbird
Cross-origin information leak through web workers
Mod
Firefox,Firefox ESR
Firefox default start page UI content invokable by script
Mod
Firefox
Crash when using web workers with asm.js
Mod
Firefox,Firefox ESR
NSS ticket handling issues
Mod
Thunderbird
NSS ticket handling issues
Mod
Firefox,Firefox ESR
Inconsistent JavaScript handling of access to Window objects
Mod
Thunderbird
Inconsistent JavaScript handling of access to Window objects
Mod
Firefox,Firefox ESR
Script execution in HTML mail replies
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Mod
Firefox,Firefox ESR
Files extracted during updates are not always read only
Mod
Thunderbird
Files extracted during updates are not always read only
Mod
Firefox,Firefox ESR
Out of bounds read during WAV file decoding
Mod
Thunderbird
Out of bounds read during WAV file decoding
Mod
Firefox,Firefox ESR
crypto.generateCRMFRequest does not validate type of key
Mod
Firefox
Spoofing attack on WebRTC permission prompt
Mod
Firefox
onbeforeunload and Javascript navigation DOS
Mod
Firefox
Local file access via Open Link in new tab
Mod
Firefox
WebGL content injection from one domain to rendering in another
Mod
Firefox
Content Security Policy for data: documents not preserved by session restore
Mod
Firefox
Information disclosure through polygon rendering in MathML
Mod
Thunderbird
Information disclosure through polygon rendering in MathML
Mod
Firefox,Firefox ESR
Memory corruption in Cairo during PDF font rendering
Mod
Thunderbird
Memory corruption in Cairo during PDF font rendering
Mod
Firefox,Firefox ESR
SVG filters information disclosure through feDisplacementMap
Mod
Thunderbird
SVG filters information disclosure through feDisplacementMap
Mod
Firefox,Firefox ESR
Privilege escalation using WebIDL-implemented APIs
Mod
Thunderbird
Privilege escalation using WebIDL-implemented APIs
Mod
Firefox,Firefox ESR
Use-after-free in TypeObject
Mod
Thunderbird
Use-after-free in TypeObject
Mod
Firefox,Firefox ESR
Out-of-bounds read/write through neutering ArrayBuffer objects
Mod
Thunderbird
Out-of-bounds read/write through neutering ArrayBuffer objects
Mod
Firefox,Firefox ESR
Out-of-bounds write through TypedArrayObject after neutering
Mod
Thunderbird
Out-of-bounds write through TypedArrayObject after neutering
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Mod
Firefox,Firefox ESR
Privilege escalation through Mozilla Maintenance Service Installer
Mod
Firefox,Firefox ESR
Web Audio memory corruption issues
Mod
Firefox
Out of bounds read while decoding JPG images
Mod
Thunderbird
Out of bounds read while decoding JPG images
Mod
Firefox,Firefox ESR
Buffer overflow when using non-XBL object as XBL
Mod
Thunderbird
Buffer overflow when using non-XBL object as XBL
Mod
Firefox,Firefox ESR
Use-after-free in the Text Track Manager for HTML video
Mod
Firefox
Firefox for Android addressbar suppression
Mod
Firefox
Privilege escalation through Web Notification API
Mod
Thunderbird
Privilege escalation through Web Notification API
Mod
Firefox,Firefox ESR
Cross-site scripting (XSS) using history navigations
Mod
Thunderbird
Cross-site scripting (XSS) using history navigations
Mod
Firefox,Firefox ESR
Use-after-free in imgLoader while resizing images
Mod
Thunderbird
Use-after-free in imgLoader while resizing images
Mod
Firefox,Firefox ESR
Incorrect IDNA domain name matching for wildcard certificates
Mod
Firefox
Use-after-free in nsHostResolver
Mod
Thunderbird
Use-after-free in nsHostResolver
Mod
Firefox,Firefox ESR
Debugger can bypass XrayWrappers with JavaScript
Mod
Firefox
Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Mod
Firefox,Firefox ESR
Use-after-free and out of bounds issues found using Address Sanitizer
Mod
Thunderbird
Use-after-free and out of bounds issues found using Address Sanitizer
Mod
Firefox,Firefox ESR
Use-after-free in Event Listener Manager
Mod
Firefox
Use-after-free with SMIL Animation Controller
Mod
Thunderbird
Use-after-free with SMIL Animation Controller
Mod
Firefox,Firefox ESR
Buffer overflow in Web Audio Speex resampler
Mod
Firefox
Buffer overflow in Gamepad API
Mod
Firefox
Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Mod
Firefox,Firefox ESR
Buffer overflow during Web Audio buffering for playback
Mod
Thunderbird
Buffer overflow during Web Audio buffering for playback
Mod
Firefox
Use-after-free in Web Audio due to incorrect control message ordering
Mod
Thunderbird
Use-after-free in Web Audio due to incorrect control message ordering
Mod
Firefox
Use-after-free in DirectWrite font handling
Mod
Thunderbird
Use-after-free in DirectWrite font handling
Mod
Firefox,Firefox ESR
Toolbar dialog customization event spoofing
Mod
Firefox
Use-after-free with FireOnStateChange event
Mod
Thunderbird
Use-after-free with FireOnStateChange event
Mod
Firefox,Firefox ESR
Exploitable WebGL crash with Cesium JavaScript library
Mod
Thunderbird
Exploitable WebGL crash with Cesium JavaScript library
Mod
Firefox,Firefox ESR
Use-after-free while when manipulating certificates in the trusted cache
Mod
Thunderbird
Use-after-free while when manipulating certificates in the trusted cache
Mod
Firefox,Firefox ESR
Crash in Skia library when scaling high quality images
Mod
Thunderbird
Crash in Skia library when scaling high quality images
Mod
Firefox,Firefox ESR
Certificate parsing broken by non-standard character encoding
Mod
Thunderbird
Certificate parsing broken by non-standard character encoding
Mod
Firefox
IFRAME sandbox same-origin access through redirect
Mod
Thunderbird
IFRAME sandbox same-origin access through redirect
Mod
Firefox
Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Mod
Firefox,Firefox ESR
Use-after-free during DOM interactions with SVG
Mod
Thunderbird
Use-after-free during DOM interactions with SVG
Mod
Firefox,Firefox ESR
Uninitialized memory use during GIF rendering
Mod
Thunderbird
Uninitialized memory use during GIF rendering
Mod
Firefox,Firefox ESR
Out-of-bounds read in Web Audio audio timeline
Mod
Thunderbird
Out-of-bounds read in Web Audio audio timeline
Mod
Firefox,Firefox ESR
Use-after-free setting text directionality
Mod
Thunderbird
Use-after-free setting text directionality
Mod
Firefox,Firefox ESR
RSA Signature Forgery in NSS
Mod
Thunderbird
RSA Signature Forgery in NSS
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Mod
Firefox,Firefox ESR
Buffer overflow during CSS manipulation
Mod
Thunderbird
Buffer overflow during CSS manipulation
Mod
Firefox,Firefox ESR
Web Audio memory corruption issues with custom waveforms
Mod
Thunderbird
Web Audio memory corruption issues with custom waveforms
Mod
Firefox,Firefox ESR
Out-of-bounds write with WebM video
Mod
Thunderbird
Out-of-bounds write with WebM video
Mod
Firefox,Firefox ESR
Further uninitialized memory use during GIF rendering
Mod
Firefox
Use-after-free interacting with text directionality
Mod
Thunderbird
Use-after-free interacting with text directionality
Mod
Firefox,Firefox ESR
Key pinning bypasses
Mod
Firefox
Inconsistent video sharing within iframe
Mod
Thunderbird
Inconsistent video sharing within iframe
Mod
Firefox,Firefox ESR
Accessing cross-origin objects via the Alarms API
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Mod
Firefox,Firefox ESR
XBL bindings accessible via improper CSS declarations
Mod
Firefox
XMLHttpRequest crashes with some input streams
Mod
Thunderbird
XMLHttpRequest crashes with some input streams
Mod
Firefox,Firefox ESR
CSP leaks redirect data via violation reports
Mod
Firefox
Use-after-free during HTML5 parsing
Mod
Thunderbird
Use-after-free during HTML5 parsing
Mod
Firefox,Firefox ESR
Buffer overflow while parsing media content
Mod
Thunderbird
Buffer overflow while parsing media content
Mod
Firefox,Firefox ESR
Bad casting from the BasicThebesLayer to BasicContainerLayer
Mod
Thunderbird
Bad casting from the BasicThebesLayer to BasicContainerLayer
Mod
Firefox,Firefox ESR
Privileged access to security wrapped protected objects
Mod
Firefox
Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Mod
Firefox,Firefox ESR
Uninitialized memory use during bitmap rendering
Mod
Firefox
sendBeacon requests lack an Origin header
Mod
Thunderbird
sendBeacon requests lack an Origin header
Mod
Firefox,Firefox ESR
Cookie injection through Proxy Authenticate responses
Mod
Thunderbird
Cookie injection through Proxy Authenticate responses
Mod
Firefox,Firefox ESR
Read of uninitialized memory in Web Audio
Mod
Firefox
Read-after-free in WebRTC
Mod
Firefox,Firefox ESR
Gecko Media Plugin sandbox escape
Mod
Firefox
Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension
Mod
Firefox
XrayWrapper bypass through DOM objects
Mod
Firefox
Update OpenH264 plugin to version 1.3
Mod
Firefox
Arbitrary file manipulation by local user through Mozilla updater
Mod
Thunderbird
Arbitrary file manipulation by local user through Mozilla updater
Mod
Firefox,Firefox ESR
Buffer overflow in libvpx while parsing vp9 format video
Mod
Thunderbird
Buffer overflow in libvpx while parsing vp9 format video
Mod
Firefox,Firefox ESR
Crash when using debugger with SavedStacks in JavaScript
Mod
Firefox
URL spoofing in reader mode
Mod
Firefox
Use-after-free with shared workers and IndexedDB
Mod
Firefox
Buffer overflow while decoding WebM video
Mod
Thunderbird
Buffer overflow while decoding WebM video
Mod
Firefox,Firefox ESR
Use-after-free while manipulating HTML media content
Mod
Thunderbird
Use-after-free while manipulating HTML media content
Mod
Firefox,Firefox ESR
Scripted proxies can access inner window
Mod
Firefox
JavaScript immutable property enforcement can be bypassed
Mod
Firefox
Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
Mod
Firefox,Firefox ESR
Dragging and dropping images exposes final URL after redirects
Mod
Thunderbird
Dragging and dropping images exposes final URL after redirects
Mod
Firefox,Firefox ESR
Errors in the handling of CORS preflight request headers
Mod
Thunderbird
Errors in the handling of CORS preflight request headers
Mod
Firefox,Firefox ESR
Vulnerabilities found through code inspection
Mod
Thunderbird
Vulnerabilities found through code inspection
Mod
Firefox,Firefox ESR
Memory safety errors in libGLES in the ANGLE graphics library
Mod
Thunderbird
Memory safety errors in libGLES in the ANGLE graphics library
Mod
Firefox,Firefox ESR
Information disclosure via the High Resolution Time API
Mod
Firefox
Cross-origin restriction bypass using Fetch
Mod
Firefox
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
Mod
Firefox,Firefox ESR
Information disclosure through NTLM authentication
Mod
Firefox
CSP bypass due to permissive Reader mode whitelist
Mod
Firefox
Invoking Mozilla updater will load locally stored DLL files
Mod
Thunderbird
Invoking Mozilla updater will load locally stored DLL files
Mod
Firefox,Firefox ESR
Disabling scripts in Add-on SDK panels has no effect
Mod
Firefox
Trailing whitespace in IP address hostnames can bypass same-origin policy
Mod
Thunderbird
Trailing whitespace in IP address hostnames can bypass same-origin policy
Mod
Firefox,Firefox ESR
Buffer overflow during image interactions in canvas
Mod
Thunderbird
Buffer overflow during image interactions in canvas
Mod
Firefox,Firefox ESR
CORS preflight is bypassed when non-standard Content-Type headers are received
Mod
Thunderbird
CORS preflight is bypassed when non-standard Content-Type headers are received
Mod
Firefox,Firefox ESR
Memory corruption in libjar through zip files
Mod
Thunderbird
Memory corruption in libjar through zip files
Mod
Firefox,Firefox ESR
Certain escaped characters in host of Location-header are being treated as non-escaped
Mod
Firefox
Appended period to hostnames can bypass HPKP and HSTS protections
Mod
Firefox
JavaScript garbage collection crash with Java applet
Mod
Firefox,Firefox ESR
Vulnerabilities found through code inspection
Mod
Thunderbird
Vulnerabilities found through code inspection
Mod
Firefox,Firefox ESR
Mixed content WebSocket policy bypass through workers
Mod
Thunderbird
Mixed content WebSocket policy bypass through workers
Mod
Firefox,Firefox ESR
NSS and NSPR memory corruption issues
Mod
Thunderbird
NSS and NSPR memory corruption issues
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Mod
Firefox,Firefox ESR
Crash with JavaScript variable assignment with unboxed objects
Mod
Firefox
Same-origin policy violation using performance.getEntries and history navigation
Mod
Firefox,Firefox ESR
Firefox allows for control characters to be set in cookies
Mod
Firefox
Use-after-free in WebRTC when datachannel is used after being destroyed
Mod
Firefox,Firefox ESR
Integer overflow allocating extremely large textures
Mod
Thunderbird
Integer overflow allocating extremely large textures
Mod
Firefox,Firefox ESR
Malicious WebGL content crash when writing strings
Mod
Firefox
Cross-origin information leak through web workers error events
Mod
Firefox
Hash in data URI is incorrectly parsed
Mod
Firefox
DOS due to malformed frames in HTTP/2
Mod
Firefox
Linux file chooser crashes on malformed images due to flaws in Jasper library
Mod
Firefox
Buffer overflows found through code inspection
Mod
Firefox
Underflow through code inspection
Mod
Thunderbird
Underflow through code inspection
Mod
Firefox,Firefox ESR
Integer overflow in MP4 playback in 64-bit versions
Mod
Thunderbird
Integer overflow in MP4 playback in 64-bit versions
Mod
Firefox,Firefox ESR
Integer underflow and buffer overflow processing MP4 metadata in libstagefright
Mod
Firefox,Firefox ESR
Privilege escalation vulnerabilities in WebExtension APIs
Mod
Firefox
Cross-site reading attack through data and view-source URIs
Mod
Thunderbird
Cross-site reading attack through data and view-source URIs
Mod
Firefox,Firefox ESR
TLS TURN and STUN connections silently fail to simple TCP connections
Mod
Firefox
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
Mod
Thunderbird
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
Mod
Firefox,Firefox ESR
Use-after-free in IndexedDB
Mod
Thunderbird
Use-after-free in IndexedDB
Mod
Firefox,Firefox ESR
Buffer overflow in libstagefright during MP4 video playback
Mod
Firefox
Double-free when using non-default memory allocators with a zero-length XHR
Mod
Firefox
Out-of-bounds read and write while rendering SVG content
Mod
Thunderbird
Out-of-bounds read and write while rendering SVG content
Mod
Firefox,Firefox ESR
Buffer overflow during CSS restyling
Mod
Firefox
Buffer underflow during MP3 playback
Mod
Firefox
Crash using DrawTarget in Cairo graphics library
Mod
Firefox
Use-after-free in Developer Console date with OpenType Sanitiser
Mod
Firefox
Reading of local files through manipulation of form autocomplete
Mod
Thunderbird
Reading of local files through manipulation of form autocomplete
Mod
Firefox,Firefox ESR
Local files or privileged URLs in pages can be opened into new tabs
Mod
Firefox
UI Tour whitelisted sites in background tab can spoof foreground tabs
Mod
Firefox
Caja Compiler JavaScript sandbox bypass
Mod
Firefox
Privilege escalation through SVG navigation
Mod
Firefox,Firefox ESR
Code execution through incorrect JavaScript bounds checking elimination
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
Mod
Firefox,Firefox ESR
Add-on lightweight theme installation approval bypassed through MITM attack
Mod
Firefox
resource:// documents can load privileged pages
Mod
Thunderbird
resource:// documents can load privileged pages
Mod
Firefox,Firefox ESR
Out of bounds read in QCMS library
Mod
Firefox
Incorrect memory management for simple-type arrays in WebRTC
Mod
Firefox
CORS requests should not follow 30x redirections after preflight
Mod
Thunderbird
CORS requests should not follow 30x redirections after preflight
Mod
Firefox,Firefox ESR
Memory corruption crashes in Off Main Thread Compositing
Mod
Firefox
Use-after-free due to type confusion flaws
Mod
Firefox
Same-origin bypass through anchor navigation
Mod
Thunderbird
Same-origin bypass through anchor navigation
Mod
Firefox,Firefox ESR
PRNG weakness allows for DNS poisoning on Android
Mod
Firefox
Windows can retain access to privileged content on navigation to unprivileged pages
Mod
Firefox
Loading privileged content through Reader mode
Mod
Firefox
Certificate verification bypass through the HTTP/2 Alt-Svc header
Mod
Firefox
Memory corruption during failed plugin initialization
Mod
Firefox
Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Mod
Firefox,Firefox ESR
Buffer overflow parsing H.264 video with Linux Gstreamer
Mod
Thunderbird
Buffer overflow parsing H.264 video with Linux Gstreamer
Mod
Firefox,Firefox ESR
Buffer overflow with SVG content and CSS
Mod
Thunderbird
Buffer overflow with SVG content and CSS
Mod
Firefox,Firefox ESR
Referrer policy ignored when links opened by middle-click and context menu
Mod
Firefox
Out-of-bounds read and write in asm.js validation
Mod
Firefox
Use-after-free during text processing with vertical text enabled
Mod
Thunderbird
Use-after-free during text processing with vertical text enabled
Mod
Firefox,Firefox ESR
Use-after-free due to Media Decoder Thread creation during shutdown
Mod
Firefox
Buffer overflow when parsing compressed XML
Mod
Thunderbird
Buffer overflow when parsing compressed XML
Mod
Firefox,Firefox ESR
Buffer overflow and out-of-bounds read while parsing MP4 video metadata
Mod
Firefox
Untrusted site hosting trusted page can intercept webchannel responses
Mod
Firefox
Privilege escalation through IPC channel messages
Mod
Thunderbird
Privilege escalation through IPC channel messages
Mod
Firefox,Firefox ESR
Mozilla Windows updater can be run outside of application directory
Mod
Thunderbird
Mozilla Windows updater can be run outside of application directory
Mod
Firefox
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
Mod
Firefox,Firefox ESR
Local files or privileged URLs in pages can be opened into new tabs
Mod
Firefox,Firefox ESR
Type confusion in Indexed Database Manager
Mod
Firefox,Firefox ESR
Out-of-bound read while computing an oscillator rendering range in Web Audio
Mod
Firefox,Firefox ESR
Use-after-free in Content Policy due to microtask execution error
Mod
Thunderbird
Use-after-free in Content Policy due to microtask execution error
Mod
Firefox,Firefox ESR
ECDSA signature validation fails to handle some signatures correctly
Mod
Firefox,Firefox ESR
Use-after-free in workers while using XMLHttpRequest
Mod
Firefox,Firefox ESR
Vulnerabilities found through code inspection
Mod
Thunderbird
Vulnerabilities found through code inspection
Mod
Firefox,Firefox ESR
Key pinning is ignored when overridable errors are encountered
Mod
Thunderbird
Key pinning is ignored when overridable errors are encountered
Mod
Firefox,Firefox ESR
OS X crash reports may contain entered key press information
Mod
Firefox
Privilege escalation through internal workers
Mod
Firefox,Firefox ESR
NSS accepts export-length DHE keys with regular DHE cipher suites
Mod
Thunderbird
NSS accepts export-length DHE keys with regular DHE cipher suites
Mod
Firefox,Firefox ESR
NSS incorrectly permits skipping of ServerKeyExchange
Mod
Thunderbird
NSS incorrectly permits skipping of ServerKeyExchange
Mod
Firefox,Firefox ESR
Same origin violation and local file stealing via PDF reader
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
Mod
Firefox,Firefox ESR
Out-of-bounds read with malformed MP3 file
Mod
Firefox,Firefox ESR
Use-after-free in MediaStream playback
Mod
Firefox,Firefox ESR
Redefinition of non-configurable JavaScript object properties
Mod
Firefox,Firefox ESR
Overflow issues in libstagefright
Mod
Firefox,Firefox ESR
Arbitrary file overwriting through Mozilla Maintenance Service with hard links
Mod
Thunderbird
Arbitrary file overwriting through Mozilla Maintenance Service with hard links
Mod
Firefox,Firefox ESR
Out-of-bounds write with Updater and malicious MAR file
Mod
Thunderbird
Out-of-bounds write with Updater and malicious MAR file
Mod
Firefox,Firefox ESR
Feed protocol with POST bypasses mixed content protections
Mod
Firefox
Crash when using shared memory in JavaScript
Mod
Firefox,Firefox ESR
Heap overflow in gdk-pixbuf when scaling bitmap images
Mod
Thunderbird
Heap overflow in gdk-pixbuf when scaling bitmap images
Mod
Firefox,Firefox ESR
Buffer overflows on Libvpx when decoding WebM video
Mod
Firefox,Firefox ESR
Vulnerabilities found through code inspection
Mod
Thunderbird
Vulnerabilities found through code inspection
Mod
Firefox,Firefox ESR
Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification
Mod
Firefox
Use-after-free in XMLHttpRequest with shared workers
Mod
Firefox,Firefox ESR
Integer overflows in libstagefright while processing MP4 video metadata
Mod
Firefox
Use-after-free when resizing canvas element during restyling
Mod
Firefox,Firefox ESR
Add-on notification bypass through data URLs
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
Mod
Firefox,Firefox ESR
Memory leak in mozTCPSocket to servers
Mod
Firefox
Out of bounds read in QCMS library with ICC V4 profile attributes
Mod
Firefox
Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
Mod
Thunderbird
Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
Mod
Firefox,Firefox ESR
Out of Memory crash when parsing GIF format images
Mod
Firefox
Buffer overflow in WebGL after out of memory allocation
Mod
Thunderbird
Buffer overflow in WebGL after out of memory allocation
Mod
Firefox,Firefox ESR
Firefox allows for control characters to be set in cookie names
Mod
Firefox
Missing delay following user click events in protocol handler dialog
Mod
Firefox
Errors in mp_div and mp_exptmod cryptographic functions in NSS
Mod
Firefox
Addressbar spoofing attacks
Mod
Firefox
Unsafe memory manipulation found through code inspection
Mod
Firefox
Application Reputation service disabled in Firefox 43
Mod
Firefox
Same-origin-policy violation using Service Workers with plugins
Mod
Firefox
Vulnerabilities in Graphite 2
Mod
Thunderbird
Vulnerabilities in Graphite 2
Mod
Firefox ESR
Security Vulnerability CVE-2012-5376 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5157 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5156 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5154 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5153 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5152 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5151 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5150 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5149 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5148 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5147 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5146 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5145 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5144 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5143 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5142 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5141 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5140 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5139 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5138 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5137 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5136 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5135 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5133 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5132 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5130 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5127 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5126 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5125 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5124 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5123 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5122 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5121 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5119 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5117 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5116 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5111 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5110 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5109 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-5108 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2900 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2895 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2894 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2893 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2892 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2891 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2890 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2888 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2887 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2886 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2885 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2884 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2883 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2882 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2881 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2880 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2879 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2878 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2877 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2876 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2875 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2874 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2872 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2869 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2868 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2867 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2866 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2865 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2863 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2862 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2844 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2843 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2842 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2834 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2833 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2832 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2831 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2830 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2829 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2828 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2826 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2823 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2822 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2821 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2820 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2819 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2818 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2817 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-2815 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-1846 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-1845 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-1521 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-0725 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2012-0724 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6802 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6668 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6667 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6666 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6665 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6664 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6663 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6661 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6660 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6659 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6658 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6657 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6656 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6655 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6654 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6653 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6652 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6650 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6649 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6646 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6645 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6644 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6643 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6642 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6641 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6640 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6639 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6638 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6637 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6636 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6635 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6634 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6632 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6631 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6630 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6629 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6628 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6627 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6626 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6625 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6624 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6623 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6622 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-6621 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2931 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2928 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2927 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2926 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2925 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2924 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2923 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2922 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2921 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2920 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2919 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2918 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2917 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2916 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2915 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2914 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2913 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2912 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2911 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2910 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2909 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2908 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2907 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2906 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2905 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2904 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2903 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2902 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2901 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2900 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2887 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2886 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2885 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2884 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2883 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2882 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2881 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2880 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2879 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2878 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2877 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2876 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2875 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2874 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2873 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2871 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2870 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2869 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2868 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2867 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2866 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2865 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2864 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2863 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2862 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2861 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2860 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2859 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2858 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2857 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2856 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2855 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2854 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2853 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2849 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2848 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2847 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2846 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2845 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2844 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2843 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2842 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2841 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2840 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2839 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2838 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2837 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2836 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-2268 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0926 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0925 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0924 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0923 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0922 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0921 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0920 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0918 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0917 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0916 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0912 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0911 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0910 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0909 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0908 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0907 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0906 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0905 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0904 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0903 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0902 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0900 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0899 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0898 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0897 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0896 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0895 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0894 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0893 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0892 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0891 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0890 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0889 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0888 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0887 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0885 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0884 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0883 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0882 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0881 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0880 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0879 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0842 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0841 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0840 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0839 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0837 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0836 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0835 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0834 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0833 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0832 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0831 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0830 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0829 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2013-0828 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3803 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3187 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3179 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3178 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3177 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3176 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3175 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3174 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3173 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3172 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3171 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3170 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3169 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3168 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3167 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3166 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3165 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3162 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3161 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3160 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3159 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3157 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3156 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3155 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3154 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-3152 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1749 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1748 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1747 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1746 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1745 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1744 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1743 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1742 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1741 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1740 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1736 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1735 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1734 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1733 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1732 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1731 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1730 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1715 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1714 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1713 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1705 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1704 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1703 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1702 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1701 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1700 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1681 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2014-1568 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2015-1212 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2015-1211 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2015-1210 for Google Chrome
Mod
Google Chrome
Security Vulnerability CVE-2015-1209 for Google Chrome
Mod
Google Chrome
Security update HT5766 for iTunes
Mod
iTunes
Security update HT5936 for iTunes
Mod
iTunes
Security update HT6001 for iTunes
Mod
iTunes
Security update HT6245 for iTunes
Mod
iTunes
Security update HT6537 for iTunes
Mod
iTunes
Security update HT204949 for iTunes
Mod
iTunes
Security update HT205221 for iTunes
Mod
iTunes
Security update HT205372 for iTunes
Mod
iTunes
Security update HT205636 for iTunes
Mod
iTunes
Use-after-free in NSS during SSL connections in low memory
Mod
Firefox
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
Mod
Firefox,Firefox ESR
Local file overwriting and potential privilege escalation through CSP reports
Mod
Firefox,Firefox ESR
CSP reports fail to strip location information for embedded iframe pages
Mod
Firefox
Memory leak in libstagefright when deleting an array during MP4 processing
Mod
Firefox,Firefox ESR
Displayed page address can be overridden
Mod
Firefox,Firefox ESR
Service Worker Manager out-of-bounds read in Service Worker Manager
Mod
Firefox
Use-after-free in HTML5 string parser
Mod
Firefox,Firefox ESR
Use-after-free in SetBody
Mod
Firefox,Firefox ESR
Use-after-free when using multiple WebRTC data channels
Mod
Firefox,Firefox ESR
Memory corruption when modifying a file being read by FileReader
Mod
Firefox
Use-after-free during XML transformations
Mod
Firefox,Firefox ESR
Addressbar spoofing though history navigation and Location protocol property
Mod
Firefox,Firefox ESR
Same-origin policy violation using performance.getEntries and history navigation with session restore
Mod
Firefox
Buffer overflow in Brotli decompression
Mod
Firefox
Memory corruption with malicious NPAPI plugin
Mod
Firefox,Firefox ESR
WebRTC and LibVPX vulnerabilities found through code inspection
Mod
Firefox
Use-after-free in GetStaticInstance in WebRTC
Mod
Firefox
Out-of-bounds read in HTML parser following a failed allocation
Mod
Firefox,Firefox ESR
Buffer overflow during ASN.1 decoding in NSS
Mod
Firefox,Firefox ESR
Use-after-free during processing of DER encoded keys in NSS
Mod
Firefox
Font vulnerabilities in the Graphite 2 library
Mod
Firefox,Firefox ESR
Out-of-bounds write with malicious font in Graphite 2
Mod
Firefox,Firefox ESR
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
Mod
Thunderbird
Local file overwriting and potential privilege escalation through CSP reports
Mod
Thunderbird
Memory leak in libstagefright when deleting an array during MP4 processing
Mod
Thunderbird
Use-after-free in HTML5 string parser
Mod
Thunderbird
Use-after-free in SetBody
Mod
Thunderbird
Use-after-free during XML transformations
Mod
Thunderbird
Memory corruption with malicious NPAPI plugin
Mod
Thunderbird
Out-of-bounds read in HTML parser following a failed allocation
Mod
Thunderbird
Buffer overflow during ASN.1 decoding in NSS
Mod
Thunderbird
Font vulnerabilities in the Graphite 2 library
Mod
Thunderbird
Security Vulnerability CVE-2013-1489 in Oracle JRE
Mod
Java JRE
Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
Mod
Firefox,Firefox ESR
Privilege escalation through file deletion by Maintenance Service updater
Mod
Firefox
Use-after-free and buffer overflow in Service Workers
Mod
Firefox
Buffer overflow in libstagefright with CENC offsets
Mod
Firefox,Firefox ESR
CSP not applied to pages sent with multipart/x-mixed-replace
Mod
Firefox
Elevation of privilege with chrome.tabs.update API in web extensions
Mod
Firefox
Write to invalid HashMap entry through JavaScript.watch()
Mod
Firefox,Firefox ESR
Firefox Health Reports could accept events from untrusted domains
Mod
Firefox
Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
Mod
Firefox,Firefox ESR
Buffer overflow parsing HTML5 fragments
Mod
Firefox,Firefox ESR
Use-after-free deleting tables from a contenteditable document
Mod
Firefox,Firefox ESR
Addressbar spoofing though the SELECT element
Mod
Firefox,Firefox ESR
Out-of-bounds write with WebGL shader
Mod
Firefox,Firefox ESR
Partial same-origin-policy through setting location.host through data URI
Mod
Firefox
File overwrite and privilege escalation through Mozilla Windows updater
Mod
Firefox,Firefox ESR
Use-after-free when textures are used in WebGL operations after recycle pool destruction
Mod
Firefox,Firefox ESR
Incorrect icon displayed on permissions notifications
Mod
Firefox
Entering fullscreen and persistent pointerlock without user permission
Mod
Firefox,Firefox ESR
Information disclosure of disabled plugins through CSS pseudo-classes
Mod
Firefox
Java applets bypass CSP protections
Mod
Firefox
Miscellaneous memory safety hazards (rv:48.0 / rv:45.3)
Mod
Firefox,Firefox ESR
Network Security Services (NSS) vulnerabilities
Mod
Firefox
Security update HT206379 for iTunes
Mod
iTunes
Favicon network connection can persist when page is closed
Mod
Firefox,Firefox ESR
Buffer overflow rendering SVG with bidirectional content
Mod
Firefox,Firefox ESR