Vulnerabilities > Mozilla > Firefox ESR > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-5102 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5103 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during mouse event handling due to issues with multiprocess support.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5104 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5145 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox ESR 52.6.
network
low complexity
debian redhat mozilla canonical CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-5147 Out-of-bounds Write vulnerability in multiple products
The libtremor library has the same flaw as CVE-2018-5146.
network
low complexity
debian mozilla CWE-787
critical
 9.8
9.8
2018-06-11 CVE-2018-5148 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5150 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7.
network
low complexity
debian redhat mozilla canonical CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2018-5154 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5155 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2018-5159 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes.
network
low complexity
debian redhat mozilla canonical CWE-190
critical
 9.8
9.8