Vulnerabilities > Mozilla > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2016-9077 | Race Condition vulnerability in Mozilla Firefox Canvas allows the use of the "feDisplacementMap" filter on images loaded cross-origin. | 7.0 |
| 2018-06-11 | CVE-2016-9073 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. | 7.5 |
| 2018-06-11 | CVE-2016-9072 | 7PK - Security Features vulnerability in Mozilla Firefox When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. | 7.5 |
| 2018-06-11 | CVE-2016-9070 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. | 8.0 |
| 2018-06-11 | CVE-2016-9068 | Use After Free vulnerability in Mozilla Firefox A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. | 7.5 |
| 2018-06-11 | CVE-2016-9066 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. | 7.5 |
| 2018-06-11 | CVE-2016-9065 | Improper Input Validation vulnerability in Mozilla Firefox The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. | 7.5 |
| 2018-06-11 | CVE-2016-9061 | Permission Issues vulnerability in Mozilla Firefox A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. | 7.5 |
| 2018-06-11 | CVE-2016-5299 | Permission Issues vulnerability in Mozilla Firefox A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. | 7.5 |
| 2018-06-11 | CVE-2016-5296 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. | 7.5 |