Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Firefox
(Mozilla)| Repositories |
• https://github.com/libevent/libevent
• https://github.com/khaledhosny/ots |
| #Vulnerabilities | 2708 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-03-11 | CVE-2011-1187 | Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." | Chrome, Firefox, Seamonkey, Thunderbird | N/A | ||
| 2020-05-26 | CVE-2020-12390 | Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76. | Firefox | N/A | ||
| 2020-05-26 | CVE-2020-12389 | The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. | Firefox, Firefox_esr | N/A | ||
| 2020-02-18 | CVE-2013-5594 | Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding | Firefox | N/A | ||
| 2020-01-21 | CVE-2011-2669 | Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates. | Firefox | N/A | ||
| 2020-01-21 | CVE-2011-2668 | Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header | Firefox | N/A | ||
| 2020-01-08 | CVE-2019-17008 | When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | Firefox, Firefox_esr, Thunderbird, Leap | N/A | ||
| 2020-01-13 | CVE-2011-2670 | Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets | Firefox | N/A | ||
| 2020-01-08 | CVE-2019-17025 | Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72. | Ubuntu_linux, Firefox | N/A | ||
| 2020-01-08 | CVE-2019-17022 | When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist.... | Ubuntu_linux, Debian_linux, Firefox, Firefox_esr, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A |