| 2018-06-11 | CVE-2016-5296 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. | 5.0 |
| 2018-06-11 | CVE-2016-5294 | Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. | 2.1 |
| 2018-06-11 | CVE-2016-5291 | Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. | 4.9 |
| 2018-06-11 | CVE-2016-5290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
Memory safety bugs were reported in Firefox 49 and Firefox ESR 45.4. | 7.5 |
| 2017-03-15 | CVE-2016-10196 | Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument. | 5.0 |
| 2016-03-13 | CVE-2016-1974 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document. | 6.8 |
| 2016-03-13 | CVE-2016-1966 | The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin. | 6.8 |
| 2016-03-13 | CVE-2016-1964 | Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations. | 6.8 |
| 2016-03-13 | CVE-2016-1961 | Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. | 6.8 |
| 2016-03-13 | CVE-2016-1960 | Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. | 6.8 |