Vulnerabilities > Mozilla > Firefox > 37.0.1

DATE CVE VULNERABILITY TITLE RISK
2021-01-07 CVE-2020-26974 Out-of-bounds Write vulnerability in Mozilla Firefox
When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type.
network
mozilla CWE-787
6.8
2021-01-07 CVE-2020-26973 Unspecified vulnerability in Mozilla Firefox
Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed.
network
mozilla
6.8
2021-01-07 CVE-2020-26972 Use After Free vulnerability in Mozilla Firefox
The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to.
network
low complexity
mozilla CWE-416
7.5
2021-01-07 CVE-2020-26971 Out-of-bounds Write vulnerability in Mozilla Firefox
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers.
network
mozilla CWE-787
6.8
2020-12-09 CVE-2020-26969 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 82.
network
mozilla CWE-787
critical
9.3
2020-12-09 CVE-2020-26968 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4.
network
mozilla CWE-787
critical
9.3
2020-12-09 CVE-2020-26967 Unspecified vulnerability in Mozilla Firefox
When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page.
network
mozilla
4.3
2020-12-09 CVE-2020-26966 Unspecified vulnerability in Mozilla Firefox
Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.
network
mozilla
4.3
2020-12-09 CVE-2020-26965 Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox
Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password.
network
mozilla CWE-212
4.3
2020-12-09 CVE-2020-26963 Unspecified vulnerability in Mozilla Firefox
Repeated calls to the history and location interfaces could have been used to hang the browser.
network
mozilla
4.3