Vulnerabilities > Mozilla > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-09 | CVE-2020-26969 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82. | 9.3 |
| 2020-12-09 | CVE-2020-26968 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. | 9.3 |
| 2020-12-09 | CVE-2020-26960 | Use After Free vulnerability in Mozilla Firefox If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. | 9.3 |
| 2020-12-09 | CVE-2020-26952 | Out-of-bounds Write vulnerability in Mozilla Firefox Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. | 9.3 |
| 2020-12-09 | CVE-2020-26950 | Use After Free vulnerability in Mozilla Firefox In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. | 9.3 |
| 2020-10-22 | CVE-2019-17006 | Insufficient Verification of Data Authenticity vulnerability in multiple products In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. | 10.0 |
| 2020-08-10 | CVE-2020-15659 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. | 9.3 |
| 2020-07-09 | CVE-2020-12426 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 77. | 9.3 |
| 2020-07-09 | CVE-2020-12420 | Use After Free vulnerability in multiple products When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. | 9.3 |
| 2020-07-09 | CVE-2020-12417 | Incorrect Conversion between Numeric Types vulnerability in multiple products Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. | 9.3 |