Vulnerabilities > Mozilla > Firefox ESR > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-13 | CVE-2016-1522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font. | 9.3 |
| 2016-01-31 | CVE-2016-1930 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
| 2016-01-31 | CVE-2016-1935 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content. | 9.3 |
| 2015-12-16 | CVE-2015-7201 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
| 2015-12-16 | CVE-2015-7205 | Numeric Errors vulnerability in multiple products Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet. | 10.0 |
| 2015-08-29 | CVE-2015-4497 | Use After Free Denial of Service vulnerability in Mozilla Firefox and Firefox ESR Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by leveraging improper interaction between resize events and changes to Cascading Style Sheets (CSS) token sequences for a CANVAS element. | 10.0 |
| 2015-08-16 | CVE-2015-4473 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | 10.0 |
| 2015-08-16 | CVE-2015-4479 | Numeric Errors vulnerability in multiple products Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data. | 10.0 |
| 2015-08-16 | CVE-2015-4480 | Numeric Errors vulnerability in multiple products Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding. | 9.3 |
| 2015-08-16 | CVE-2015-4485 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data. | 10.0 |