Vulnerabilities > Mozilla > Firefox > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-7827 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
Memory safety bugs were reported in Firefox 56.
network
low complexity
mozilla CWE-119
critical
9.8
2018-06-11 CVE-2017-7828 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in use.
network
low complexity
debian redhat mozilla CWE-416
critical
9.8
2018-06-11 CVE-2018-5089 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5.
network
low complexity
canonical redhat debian mozilla CWE-119
critical
9.8
2018-06-11 CVE-2018-5090 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Memory safety bugs were reported in Firefox 57.
network
low complexity
mozilla canonical CWE-119
critical
9.8
2018-06-11 CVE-2018-5091 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
9.8
2018-06-11 CVE-2018-5092 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations.
network
low complexity
mozilla canonical CWE-416
critical
9.8
2018-06-11 CVE-2018-5095 Use of Uninitialized Resource vulnerability in multiple products
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM.
network
low complexity
debian redhat mozilla canonical CWE-908
critical
9.8
2018-06-11 CVE-2018-5097 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
9.8
2018-06-11 CVE-2018-5098 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
9.8
2018-06-11 CVE-2018-5099 Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when these references are used.
network
low complexity
debian redhat mozilla canonical CWE-416
critical
9.8