Vulnerabilities > Mozilla > Firefox > 44.0.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-18 | CVE-2018-12385 | Improper Input Validation vulnerability in multiple products A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. | 4.4 |
2018-10-18 | CVE-2018-12383 | Insufficiently Protected Credentials vulnerability in multiple products If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. | 2.1 |
2018-10-18 | CVE-2018-12381 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mozilla Firefox and Firefox ESR Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. | 5.0 |
2018-10-18 | CVE-2018-12379 | Out-of-bounds Write vulnerability in multiple products When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. | 4.6 |
2018-10-18 | CVE-2018-12378 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. | 7.5 |
2018-10-18 | CVE-2018-12377 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. | 7.5 |
2018-10-18 | CVE-2018-12376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. | 7.5 |
2018-10-18 | CVE-2018-12375 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 61. | 6.8 |
2018-10-18 | CVE-2018-12370 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products In Reader View SameSite cookie protections are not checked on exiting. | 6.8 |
2018-10-18 | CVE-2018-12369 | Incorrect Authorization vulnerability in Mozilla Firefox and Firefox ESR WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. | 7.5 |