Vulnerabilities > Mozilla > Firefox > 6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-26 | CVE-2018-18510 | Unspecified vulnerability in Mozilla Firefox The about:crashcontent and about:crashparent pages can be triggered by web content. network mozilla | 4.3 |
| 2019-04-26 | CVE-2018-5179 | Missing Release of Resource after Effective Lifetime vulnerability in Mozilla Firefox A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. | 5.0 |
| 2019-04-15 | CVE-2017-7777 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function. | 6.8 |
| 2019-04-15 | CVE-2017-7776 | Out-of-bounds Read vulnerability in multiple products Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph. | 5.8 |
| 2019-04-15 | CVE-2017-7774 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function. | 6.4 |
| 2019-04-15 | CVE-2017-7773 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor. | 6.8 |
| 2019-04-15 | CVE-2017-7771 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function. | 5.8 |
| 2019-04-12 | CVE-2017-7772 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function. | 6.8 |
| 2019-02-28 | CVE-2018-18499 | Origin Validation Error vulnerability in Mozilla Firefox and Firefox ESR A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). | 4.3 |
| 2019-02-28 | CVE-2018-18498 | Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when a raw value is used instead of the checked value. | 7.5 |