Vulnerabilities > Mozilla > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-20 | CVE-2020-25648 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. | 7.5 |
2020-10-01 | CVE-2020-15675 | Use After Free vulnerability in Mozilla Firefox When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. | 8.8 |
2020-10-01 | CVE-2020-15674 | Improper Locking vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 80. | 8.8 |
2020-10-01 | CVE-2020-15670 | Reachable Assertion vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers reported memory safety bugs present in Firefox for Android 79. | 8.8 |
2020-10-01 | CVE-2020-15669 | Use After Free vulnerability in Mozilla Firefox ESR When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. | 8.8 |
2020-10-01 | CVE-2020-15667 | Out-of-bounds Write vulnerability in Mozilla Firefox When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. | 8.8 |
2020-10-01 | CVE-2020-15663 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. | 8.8 |
2020-10-01 | CVE-2020-15678 | Use After Free vulnerability in multiple products When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. | 8.8 |
2020-10-01 | CVE-2020-15673 | Use After Free vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. | 8.8 |
2020-08-10 | CVE-2020-15659 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. | 8.8 |