Vulnerabilities > Mozilla > Firefox > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-5470 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 53 and Firefox ESR 52.1.
network
low complexity
debian redhat mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-5471 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Memory safety bugs were reported in Firefox 53.
network
low complexity
mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-5472 Use After Free vulnerability in multiple products
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7749 Use After Free vulnerability in multiple products
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7750 Use After Free vulnerability in multiple products
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7751 Use After Free vulnerability in multiple products
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2017-7753 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data.
network
low complexity
debian redhat mozilla CWE-125
critical
9.1
2018-06-11 CVE-2017-7756 Use After Free vulnerability in multiple products
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR).
network
low complexity
mozilla debian CWE-416
critical
9.8
2018-06-11 CVE-2017-7757 Use After Free vulnerability in multiple products
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed.
network
low complexity
mozilla debian CWE-416
critical
9.8
2018-06-11 CVE-2017-7758 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability with the Opus encoder when the number of channels in an audio stream changes while the encoder is in use.
network
low complexity
redhat mozilla debian CWE-125
critical
9.1