Vulnerabilities > Mozilla > Firefox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-12362 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. | 8.8 |
| 2018-10-18 | CVE-2018-12361 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur in the SwizzleData code while calculating buffer sizes. | 8.8 |
| 2018-10-18 | CVE-2018-12360 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. | 8.8 |
| 2018-10-18 | CVE-2018-12359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. | 8.8 |
| 2018-10-18 | CVE-2016-9069 | Use After Free vulnerability in Mozilla Firefox A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. | 7.8 |
| 2018-06-11 | CVE-2018-5182 | Information Exposure vulnerability in multiple products If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. | 7.5 |
| 2018-06-11 | CVE-2018-5181 | Information Exposure vulnerability in multiple products If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. | 7.5 |
| 2018-06-11 | CVE-2018-5180 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during WebGL operations. | 7.5 |
| 2018-06-11 | CVE-2018-5177 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. | 7.5 |
| 2018-06-11 | CVE-2018-5174 | Unspecified vulnerability in Mozilla products In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. | 7.5 |