Vulnerabilities > Mozilla
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2016-9077 | Race Condition vulnerability in Mozilla Firefox Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. | 7.0 |
2018-06-11 | CVE-2016-9076 | Improper Input Validation vulnerability in Mozilla Firefox An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. | 5.9 |
2018-06-11 | CVE-2016-9075 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox An issue where WebExtensions can use the mozAddonManager API to elevate privilege due to privileged pages being allowed in the permissions list. | 9.8 |
2018-06-11 | CVE-2016-9074 | Information Exposure vulnerability in multiple products An existing mitigation of timing side-channel attacks is insufficient in some circumstances. | 5.9 |
2018-06-11 | CVE-2016-9073 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. | 7.5 |
2018-06-11 | CVE-2016-9072 | 7PK - Security Features vulnerability in Mozilla Firefox When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. | 7.5 |
2018-06-11 | CVE-2016-9071 | 7PK - Security Features vulnerability in Mozilla Firefox Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. | 5.3 |
2018-06-11 | CVE-2016-9070 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. | 8.0 |
2018-06-11 | CVE-2016-9068 | Use After Free vulnerability in Mozilla Firefox A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. | 7.5 |
2018-06-11 | CVE-2016-9067 | Use After Free vulnerability in Mozilla Firefox Two use-after-free errors during DOM operations resulting in potentially exploitable crashes. | 6.5 |