Vulnerabilities > Mozilla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-27 | CVE-2019-11753 | Improper Validation of Integrity Check Value vulnerability in Mozilla Firefox The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. | 7.8 |
| 2019-09-27 | CVE-2019-11752 | Use After Free vulnerability in Mozilla Firefox It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. | 8.8 |
| 2019-09-27 | CVE-2019-11751 | Argument Injection or Modification vulnerability in Mozilla Firefox Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. | 8.8 |
| 2019-09-27 | CVE-2019-11746 | Use After Free vulnerability in Mozilla Firefox A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. | 8.8 |
| 2019-09-27 | CVE-2019-11740 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. | 8.8 |
| 2019-09-27 | CVE-2019-11736 | Race Condition vulnerability in Mozilla Firefox The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. | 7.0 |
| 2019-09-27 | CVE-2019-11735 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 68 and Firefox ESR 68. | 8.8 |
| 2019-07-23 | CVE-2019-9821 | Use After Free vulnerability in Mozilla Firefox A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. | 8.1 |
| 2019-07-23 | CVE-2019-9818 | Use After Free vulnerability in Mozilla Firefox A race condition is present in the crash generation server used to generate data for the crash reporter. | 8.3 |
| 2019-07-23 | CVE-2019-9815 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. | 8.1 |