Vulnerabilities > Mozilla > Firefox ESR > 60.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-28 | CVE-2018-18493 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. | 7.5 |
2019-02-28 | CVE-2018-18492 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. | 7.5 |
2019-02-28 | CVE-2018-12405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. | 7.5 |
2019-02-28 | CVE-2018-12397 | Information Exposure vulnerability in Mozilla Firefox and Firefox ESR A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. | 3.6 |
2019-02-28 | CVE-2018-12396 | Incorrect Permission Assignment for Critical Resource vulnerability in Mozilla Firefox and Firefox ESR A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. | 4.3 |
2019-02-28 | CVE-2018-12395 | Unspecified vulnerability in Mozilla Firefox and Firefox ESR By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. | 5.0 |
2019-02-28 | CVE-2018-12392 | Unspecified vulnerability in Mozilla Firefox and Firefox ESR When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. | 7.5 |
2019-02-28 | CVE-2018-12391 | Incorrect Authorization vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. | 9.3 |
2019-02-28 | CVE-2018-12390 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. | 7.5 |
2019-02-28 | CVE-2018-12389 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. | 6.8 |