Vulnerabilities > Mozilla > Firefox > 3.0.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-09 | CVE-2020-12411 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 76. | 9.3 |
| 2020-07-09 | CVE-2020-12410 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. | 9.3 |
| 2020-07-09 | CVE-2020-12409 | Unspecified vulnerability in Mozilla Firefox When using certain blank characters in a URL, they where incorrectly rendered as spaces instead of an encoded URL. network mozilla | 6.8 |
| 2020-07-09 | CVE-2020-12408 | Injection vulnerability in Mozilla Firefox When browsing a document hosted on an IP address, an attacker could insert certain characters to flip domain and path information in the address bar. | 4.3 |
| 2020-07-09 | CVE-2020-12407 | Information Exposure vulnerability in Mozilla Firefox Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. | 2.6 |
| 2020-07-09 | CVE-2020-12406 | Insufficient Verification of Data Authenticity vulnerability in multiple products Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal, resulting in a crash. | 8.8 |
| 2020-07-09 | CVE-2020-12405 | Use After Free vulnerability in multiple products When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. | 2.6 |
| 2020-07-09 | CVE-2020-12402 | Information Exposure Through Discrepancy vulnerability in multiple products During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. | 4.4 |
| 2020-07-09 | CVE-2020-12399 | Information Exposure Through Discrepancy vulnerability in multiple products NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. | 1.2 |
| 2020-07-09 | CVE-2020-12424 | Incorrect Default Permissions vulnerability in multiple products When constructing a permission prompt for WebRTC, a URI was supplied from the content process. | 6.5 |