Vulnerabilities > Mozilla > Firefox ESR
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2016-9899 | Use After Free vulnerability in multiple products Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. | 7.5 |
2018-06-11 | CVE-2016-9898 | Use After Free vulnerability in multiple products Use-after-free resulting in potentially exploitable crash when manipulating DOM subtrees in the Editor. | 7.5 |
2018-06-11 | CVE-2016-9897 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory corruption resulting in a potentially exploitable crash during WebGL functions using a vector constructor with a varying array within libGLES. | 5.0 |
2018-06-11 | CVE-2016-9895 | 7PK - Security Features vulnerability in multiple products Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. | 4.3 |
2018-06-11 | CVE-2016-9893 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Thunderbird 45.5. | 7.5 |
2018-06-11 | CVE-2016-9079 | Use After Free vulnerability in multiple products A use-after-free vulnerability in SVG Animation has been discovered. | 5.0 |
2018-06-11 | CVE-2016-9074 | Information Exposure vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird An existing mitigation of timing side-channel attacks is insufficient in some circumstances. | 4.3 |
2018-06-11 | CVE-2016-9066 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. | 5.0 |
2018-06-11 | CVE-2016-9064 | Improper Certificate Validation vulnerability in Mozilla Firefox and Firefox ESR Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. | 4.3 |
2018-06-11 | CVE-2016-5297 | Integer Overflow or Wraparound vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues. | 7.5 |