Vulnerabilities > Mozilla

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-5450 Improper Input Validation vulnerability in Mozilla Firefox
A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI.
network
low complexity
mozilla CWE-20
7.5
7.5
2018-06-11 CVE-2017-5449 Improper Input Validation vulnerability in multiple products
A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations.
network
low complexity
redhat mozilla CWE-20
7.5
7.5
2018-06-11 CVE-2017-5448 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write in "ClearKeyDecryptor" while decrypting some Clearkey-encrypted media content.
network
low complexity
debian redhat mozilla CWE-787
8.6
8.6
2018-06-11 CVE-2017-5447 Use After Free vulnerability in multiple products
An out-of-bounds read during the processing of glyph widths during text layout.
network
low complexity
debian redhat mozilla CWE-416
critical
 9.1
9.1
2018-06-11 CVE-2017-5446 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect data content.
network
low complexity
debian redhat mozilla CWE-125
critical
 9.8
9.8
2018-06-11 CVE-2017-5445 Improper Validation of Array Index vulnerability in multiple products
A vulnerability while parsing "application/http-index-format" format content where uninitialized values are used to create an array.
network
low complexity
debian redhat mozilla CWE-129
7.5
7.5
2018-06-11 CVE-2017-5444 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted data.
network
low complexity
debian redhat mozilla CWE-119
7.5
7.5
2018-06-11 CVE-2017-5443 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives.
network
low complexity
debian redhat mozilla CWE-787
critical
 9.8
9.8
2018-06-11 CVE-2017-5442 Use After Free vulnerability in multiple products
A use-after-free vulnerability during changes in style when manipulating DOM elements.
network
low complexity
debian redhat mozilla CWE-416
critical
 9.8
9.8
2018-06-11 CVE-2017-5441 Use After Free vulnerability in multiple products
A use-after-free vulnerability when holding a selection during scroll events.
network
low complexity
debian redhat mozilla CWE-416
critical
 9.8
9.8