Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2013-1689 | Improper Input Validation vulnerability in Mozilla Firefox Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames. | 6.5 |
| 2019-11-15 | CVE-2016-5285 | NULL Pointer Dereference vulnerability in multiple products A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. | 7.5 |
| 2019-09-27 | CVE-2019-11755 | Improper Verification of Cryptographic Signature vulnerability in Mozilla Thunderbird A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature, although the signer might have had no access to the contents of the encrypted message, and might have stripped a different signature from the encrypted message. | 7.5 |
| 2019-09-27 | CVE-2019-11754 | Unspecified vulnerability in Mozilla Firefox When the pointer lock is enabled by a website though requestPointerLock(), no user notification is given. | 4.3 |
| 2019-09-27 | CVE-2019-11753 | Improper Validation of Integrity Check Value vulnerability in Mozilla Firefox The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. | 7.8 |
| 2019-09-27 | CVE-2019-11752 | Use After Free vulnerability in Mozilla Firefox It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. | 8.8 |
| 2019-09-27 | CVE-2019-11751 | Argument Injection or Modification vulnerability in Mozilla Firefox Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. | 8.8 |
| 2019-09-27 | CVE-2019-11750 | Use of Uninitialized Resource vulnerability in Mozilla Firefox A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash. | 6.5 |
| 2019-09-27 | CVE-2019-11749 | Unspecified vulnerability in Mozilla Firefox A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. | 4.3 |
| 2019-09-27 | CVE-2019-11748 | Improper Preservation of Permissions vulnerability in Mozilla Firefox WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. | 6.5 |