Vulnerabilities > Mozilla > Firefox > 44.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2016-9071 | 7PK - Security Features vulnerability in Mozilla Firefox Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. | 5.0 |
| 2018-06-11 | CVE-2016-9070 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. | 6.8 |
| 2018-06-11 | CVE-2016-9068 | Use After Free vulnerability in Mozilla Firefox A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. | 5.0 |
| 2018-06-11 | CVE-2016-9067 | Use After Free vulnerability in Mozilla Firefox Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. | 5.0 |
| 2018-06-11 | CVE-2016-9066 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. | 5.0 |
| 2018-06-11 | CVE-2016-9065 | Improper Input Validation vulnerability in Mozilla Firefox The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. | 5.0 |
| 2018-06-11 | CVE-2016-9064 | Improper Certificate Validation vulnerability in Mozilla Firefox and Firefox ESR Add-on updates failed to verify that the add-on ID inside the signed package matched the ID of the add-on being updated. | 4.3 |
| 2018-06-11 | CVE-2016-9063 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow during the parsing of XML using the Expat library. | 7.5 |
| 2018-06-11 | CVE-2016-9062 | Information Exposure vulnerability in Mozilla Firefox Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db" and "browser.db-wal" files within the Firefox profile after the mode is exited. | 2.1 |
| 2018-06-11 | CVE-2016-9061 | Permission Issues vulnerability in Mozilla Firefox A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. | 5.0 |