Vulnerabilities > Mozilla > Firefox > 37.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-22 | CVE-2020-15684 | Unspecified vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 81. | 7.5 |
2020-10-22 | CVE-2020-15683 | Use After Free vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. | 7.5 |
2020-10-22 | CVE-2020-15682 | Origin Validation Error vulnerability in Mozilla Firefox When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in. | 4.3 |
2020-10-22 | CVE-2020-15681 | Unspecified vulnerability in Mozilla Firefox When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash. | 5.0 |
2020-10-22 | CVE-2020-15680 | Unspecified vulnerability in Mozilla Firefox If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler. | 5.0 |
2020-10-08 | CVE-2020-12401 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. | 4.7 |
2020-10-08 | CVE-2020-12400 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. | 4.7 |
2020-10-01 | CVE-2020-15675 | Classic Buffer Overflow vulnerability in Mozilla Firefox When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. | 6.8 |
2020-10-01 | CVE-2020-15674 | Release of Invalid Pointer or Reference vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 80. | 6.8 |
2020-10-01 | CVE-2020-15667 | Unrestricted Upload of File with Dangerous Type vulnerability in Mozilla Firefox When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. | 6.8 |