Vulnerabilities > Mozilla > Firefox > 20.0.1

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-7756 Use After Free vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR).
network
low complexity
mozilla debian CWE-416
7.5
2018-06-11 CVE-2017-7755 Untrusted Search Path vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run.
6.8
2018-06-11 CVE-2017-7754 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in WebGL with a maliciously crafted "ImageInfo" object during WebGL operations.
network
low complexity
debian redhat mozilla CWE-125
5.0
2018-06-11 CVE-2017-7753 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.
network
low complexity
debian redhat mozilla CWE-125
6.4
2018-06-11 CVE-2017-7752 Use After Free vulnerability in multiple products
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled.
6.8
2018-06-11 CVE-2017-7751 Use After Free vulnerability in multiple products
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash.
network
low complexity
debian redhat mozilla CWE-416
7.5
2018-06-11 CVE-2017-7750 Use After Free vulnerability in multiple products
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM.
network
low complexity
debian redhat mozilla CWE-416
7.5
2018-06-11 CVE-2017-7749 Use After Free vulnerability in multiple products
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell.
network
low complexity
debian redhat mozilla CWE-416
7.5
2018-06-11 CVE-2017-5472 Use After Free vulnerability in multiple products
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists.
network
low complexity
debian redhat mozilla CWE-416
7.5
2018-06-11 CVE-2017-5471 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Memory safety bugs were reported in Firefox 53.
network
low complexity
mozilla CWE-119
7.5