Vulnerabilities > Mozilla > Firefox > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-10-18 CVE-2018-5187 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs present in Firefox 60 and Firefox ESR 60.
network
low complexity
debian canonical mozilla CWE-119
critical
 9.8
9.8
2018-10-18 CVE-2018-5188 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8.
network
low complexity
debian canonical mozilla redhat CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2016-5287 Use After Free vulnerability in Mozilla Firefox
A potentially exploitable use-after-free crash during actor destruction with service workers.
network
low complexity
mozilla CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2016-5289 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Memory safety bugs were reported in Firefox 49.
network
low complexity
mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2016-5290 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4.
network
low complexity
mozilla debian CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2016-5297 Integer Overflow or Wraparound vulnerability in multiple products
An error in argument length checking in JavaScript, leading to potential integer overflows or other bounds checking issues.
network
low complexity
mozilla debian CWE-190
critical
 9.8
9.8
2018-06-11 CVE-2016-9063 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow during the parsing of XML using the Expat library.
network
low complexity
mozilla debian python CWE-190
critical
 9.8
9.8
2018-06-11 CVE-2016-9075 Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox
An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list.
network
low complexity
mozilla CWE-264
critical
 9.8
9.8
2018-06-11 CVE-2016-9080 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Memory safety bugs were reported in Firefox 50.0.2.
network
low complexity
mozilla CWE-119
critical
 9.8
9.8
2018-06-11 CVE-2016-9893 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Thunderbird 45.5.
network
low complexity
debian redhat mozilla CWE-119
critical
 9.8
9.8