Vulnerabilities > Mozilla > Firefox > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-26 | CVE-2019-9794 | Argument Injection or Modification vulnerability in Mozilla Firefox and Firefox ESR A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. | 9.8 |
| 2019-04-26 | CVE-2019-9795 | Type Confusion vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A vulnerability where type-confusion in the IonMonkey just-in-time (JIT) compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. | 9.8 |
| 2019-04-26 | CVE-2019-9796 | Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur when the SMIL animation controller incorrectly registers with the refresh driver twice when only a single registration is expected. | 9.8 |
| 2019-04-26 | CVE-2019-9804 | OS Command Injection vulnerability in Mozilla Firefox In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. | 9.8 |
| 2019-04-26 | CVE-2019-9805 | Use of Uninitialized Resource vulnerability in Mozilla Firefox A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. | 9.8 |
| 2019-04-15 | CVE-2017-7774 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function. | 9.1 |
| 2019-02-28 | CVE-2018-12390 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. | 9.8 |
| 2019-02-28 | CVE-2018-12392 | When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. | 9.8 |
| 2019-02-28 | CVE-2018-12405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. | 9.8 |
| 2019-02-28 | CVE-2018-12407 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content, when working with the VertexBuffer11 module. | 9.8 |