60.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-05	CVE-2018-18503	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. network low complexity mozilla canonical CWE-119	8.8
2019-02-05	CVE-2018-18502	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 64. network low complexity mozilla canonical CWE-119 critical	9.8
2019-02-05	CVE-2018-18501	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. network low complexity mozilla canonical debian redhat CWE-119 critical	9.8
2019-02-05	CVE-2018-18500	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. network low complexity mozilla canonical debian redhat CWE-416 critical	9.8
2018-10-18	CVE-2018-5188	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. network low complexity debian canonical mozilla redhat CWE-119 critical	9.8
2018-10-18	CVE-2018-5187	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 60 and Firefox ESR 60. network low complexity debian canonical mozilla CWE-119 critical	9.8
2018-10-18	CVE-2018-5186	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs present in Firefox 60. network low complexity mozilla canonical CWE-119 critical	9.8
2018-10-18	CVE-2018-5156	Improper Input Validation vulnerability in multiple products A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. network low complexity redhat debian canonical mozilla CWE-20 critical	9.8
2018-10-18	CVE-2018-12387	Improper Input Validation vulnerability in multiple products A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. network low complexity redhat debian canonical mozilla CWE-20 critical	9.1
2018-10-18	CVE-2018-12386	Incorrect Type Conversion or Cast vulnerability in multiple products A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. network low complexity redhat debian canonical mozilla CWE-704	8.1