Endpoint Vuln Protection

Name Status
Security vulnerabilities fixed in Firefox 55
Mod
Security vulnerabilities fixed in Firefox ESR 52.3
Mod
Security Vulnerabilities in APSB17-17 for Adobe Flash Player
Mod
Security Vulnerabilities in APSB17-21 for Adobe Flash Player
Mod
Security Vulnerabilities in APSB17-23 for Adobe Flash Player
Mod
Security update available for Adobe Acrobat apsb17-24
Mod
Security update available for Adobe Reader apsb17-24
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Win32k Elevation of Privilege Vulnerability
Mod
PostgreSQL: lo_put() function ignores ACLs
Mod
PostgreSQL: pg_user_mappings view discloses passwords to users lacking server privileges
Mod
PostgreSQL: empty password accepted in some authentication methods
Mod
Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2)
Mod
Use-after-free and buffer overflow issues found using Address Sanitizer
Mod
Buffer Overflow in Canvas
Mod
URL spoofing in addressbar during page loads
Mod
Use-after-free when displaying table with many columns and column groups
Mod
Crash due to handling of SSL on threads
Mod
AutoWrapperChanger fails to keep objects alive during garbage collection
Mod
Compartment mismatch with quickstubs returned values
Mod
Event manipulation in plugin handler to bypass same-origin policy
Mod
Miscellaneous use-after-free issues found through ASAN fuzzing
Mod
Memory corruption in workers
Mod
Use-after-free in HTML document templates
Mod
Use-after-free in HTML document templates
Mod
Miscellaneous Network Security Services (NSS) vulnerabilities
Mod
Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)
Mod
Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)
Mod
Application Installation doorhanger persists on navigation
Mod
Character encoding cross-origin XSS attack
Mod
Sandbox restrictions not applied to nested object elements
Mod
Use-after-free in event listeners
Mod
Use-after-free in event listeners
Mod
Use-after-free during Table Editing
Mod
Use-after-free during Table Editing
Mod
Address space layout leaked in XBL objects
Mod
Potential overflow in JavaScript binary search algorithms
Mod
Segmentation violation when replacing ordered list elements
Mod
Segmentation violation when replacing ordered list elements
Mod
Linux clipboard information disclosure though selection paste
Mod
Trust settings for built-in roots ignored during EV certificate validation
Mod
Trust settings for built-in roots ignored during EV certificate validation
Mod
Use-after-free in synthetic mouse movement
Mod
Use-after-free in synthetic mouse movement
Mod
GetElementIC typed array stubs can be generated outside observed typesets
Mod
GetElementIC typed array stubs can be generated outside observed typesets
Mod
JPEG information leak
Mod
JPEG information leak
Mod
Mis-issued ANSSI/DCSSI certificate
Mod
Mis-issued ANSSI/DCSSI certificate
Mod
Buffer overflow in Javascript string concatenation
Mod
Memory corruption in XBL with XML bindings containing SVG
Mod
Chrome Object Wrapper (COW) bypass through changing prototype
Mod
Privilege escalation through plugin objects
Mod
Use-after-free in serializeToStream
Mod
Use-after-free in ListenerManager
Mod
Use-after-free in Vibrate
Mod
Use-after-free in Javascript Proxy objects
Mod
Mis-issued TURKTRUST certificates
Mod
Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)
Mod
Out-of-bounds read in image rendering
Mod
Wrapped WebIDL objects can be wrapped again
Mod
Web content bypass of COW and SOW security wrappers
Mod
Privacy leak in JavaScript Workers
Mod
Use-after-free in nsImageLoadingContent
Mod
Phishing on HTTPS connection through malicious proxy
Mod
Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
Mod
Use-after-free in HTML Editor
Mod
Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
Mod
Out-of-bounds write in Cairo library
Mod
Privilege escalation through Mozilla Maintenance Service
Mod
Privilege escalation through Mozilla Updater
Mod
Bypass of SOW protections allows cloning of protected nodes
Mod
Bypass of tab-modal dialog origin disclosure
Mod
Cross-site scripting (XSS) using timed history navigations
Mod
Memory corruption while rendering grayscale PNG images
Mod
Out-of-bounds array read in CERT_DecodeCertPackage
Mod
Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
Mod
Privileged access for content level constructor
Mod
File input control has access to full path
Mod
Local privilege escalation through Mozilla Maintenance Service
Mod
Mozilla Updater fails to update some Windows Registry entries
Mod
Use-after-free with video and onresize event
Mod
Uninitialized functions in DOMSVGZoomEvent
Mod
Memory corruption found using Address Sanitizer
Mod
Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
Mod
Memory corruption found using Address Sanitizer
Mod
Privileged content access and execution via XBL
Mod
Arbitrary code execution within Profiler
Mod
Execution of unmapped memory through onreadystatechange event
Mod
Data in the body of XHR HEAD requests leads to CSRF attacks
Mod
SVG filters can lead to information disclosure
Mod
PreserveWrapper has inconsistent behavior
Mod
Sandbox restrictions not applied to nested frame elements
Mod
X-Frame-Options ignored when using server push with multi-part responses
Mod
XrayWrappers can be bypassed to run user defined methods in a privileged context
Mod
getUserMedia permission dialog incorrectly displays location
Mod
Homograph domain spoofing in .com, .net and .name
Mod
Inaccessible updater can lead to local privilege escalation
Mod
Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
Mod
Use after free mutating DOM during SetBody
Mod
Buffer underflow when generating CRMF requests
Mod
Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
Mod
Crash during WAV audio file decoding
Mod
Document URI misrepresentation and masquerading
Mod
CRMF requests allow for code execution and XSS attacks
Mod
Bypass of XrayWrappers using XBL Scopes
Mod
Further Privilege escalation through Mozilla Updater
Mod
Wrong principal used for validating URI for some Javascript components
Mod
Same-origin bypass with web workers and XMLHttpRequest
Mod
Firefox full and stub installer DLL hijacking
Mod
Local Java applets may read contents of local file system
Mod
Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
Mod
Improper state in HTML5 Tree Builder with templates
Mod
Improper state in HTML5 Tree Builder with templates
Mod
Integer overflow in ANGLE library
Mod
Use-after-free in Animation Manager during stylesheet cloning
Mod
NativeKey continues handling key messages after widget is destroyed
Mod
NativeKey continues handling key messages after widget is destroyed
Mod
Use-after-free with select element
Mod
Use-after-free with select element
Mod
Calling scope for new Javascript objects can lead to memory corruption
Mod
Mozilla Updater does not lock MAR file after signature verification
Mod
Uninitialized data in IonMonkey
Mod
Uninitialized data in IonMonkey
Mod
Compartment mismatch re-attaching XBL-backed nodes
Mod
Buffer overflow with multi-column, lists, and floats
Mod
Memory corruption involving scrolling
Mod
User-defined properties on DOM proxies get the wrong "this" object
Mod
GC hazard with default compartments and frame chain restoration
Mod
GC hazard with default compartments and frame chain restoration
Mod
Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)
Mod
Spoofing addressbar though SELECT element
Mod
Spoofing addressbar though SELECT element
Mod
Access violation with XSLT and uninitialized data
Mod
Improperly initialized memory and overflows in some JavaScript functions
Mod
Writing to cycle collected object during image decoding
Mod
Writing to cycle collected object during image decoding
Mod
Use-after-free when updating offline cache
Mod
Security bypass of PDF.js checks using iframes
Mod
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Mod
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Mod
Clone protected content with XBL scopes
Mod
Clone protected content with XBL scopes
Mod
UI selection timeout missing on download prompts
Mod
Incorrect use of discarded images by RasterImage
Mod
Incorrect use of discarded images by RasterImage
Mod
Information disclosure with *FromPoint on iframes
Mod
Profile path leaks to Android system log
Mod
XSLT stylesheets treated as styles in Content Security Policy
Mod
Use-after-free with imgRequestProxy and image proccessing
Mod
Use-after-free with imgRequestProxy and image proccessing
Mod
Cross-origin information leak through web workers
Mod
Cross-origin information leak through web workers
Mod
Firefox default start page UI content invokable by script
Mod
Crash when using web workers with asm.js
Mod
NSS ticket handling issues
Mod
NSS ticket handling issues
Mod
Inconsistent JavaScript handling of access to Window objects
Mod
Inconsistent JavaScript handling of access to Window objects
Mod
Script execution in HTML mail replies
Mod
Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Mod
Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Mod
Files extracted during updates are not always read only
Mod
Files extracted during updates are not always read only
Mod
Out of bounds read during WAV file decoding
Mod
Out of bounds read during WAV file decoding
Mod
crypto.generateCRMFRequest does not validate type of key
Mod
Spoofing attack on WebRTC permission prompt
Mod
onbeforeunload and Javascript navigation DOS
Mod
Local file access via Open Link in new tab
Mod
WebGL content injection from one domain to rendering in another
Mod
Content Security Policy for data: documents not preserved by session restore
Mod
Information disclosure through polygon rendering in MathML
Mod
Information disclosure through polygon rendering in MathML
Mod
Memory corruption in Cairo during PDF font rendering
Mod
Memory corruption in Cairo during PDF font rendering
Mod
SVG filters information disclosure through feDisplacementMap
Mod
SVG filters information disclosure through feDisplacementMap
Mod
Privilege escalation using WebIDL-implemented APIs
Mod
Privilege escalation using WebIDL-implemented APIs
Mod
Use-after-free in TypeObject
Mod
Use-after-free in TypeObject
Mod
Out-of-bounds read/write through neutering ArrayBuffer objects
Mod
Out-of-bounds read/write through neutering ArrayBuffer objects
Mod
Out-of-bounds write through TypedArrayObject after neutering
Mod
Out-of-bounds write through TypedArrayObject after neutering
Mod
Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Mod
Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Mod
Privilege escalation through Mozilla Maintenance Service Installer
Mod
Web Audio memory corruption issues
Mod
Out of bounds read while decoding JPG images
Mod
Out of bounds read while decoding JPG images
Mod
Buffer overflow when using non-XBL object as XBL
Mod
Buffer overflow when using non-XBL object as XBL
Mod
Use-after-free in the Text Track Manager for HTML video
Mod
Firefox for Android addressbar suppression
Mod
Out-of-bounds write in Cairo
Mod
Privilege escalation through Web Notification API
Mod
Privilege escalation through Web Notification API
Mod
Cross-site scripting (XSS) using history navigations
Mod
Cross-site scripting (XSS) using history navigations
Mod
Use-after-free in imgLoader while resizing images
Mod
Use-after-free in imgLoader while resizing images
Mod
Incorrect IDNA domain name matching for wildcard certificates
Mod
Use-after-free in nsHostResolver
Mod
Use-after-free in nsHostResolver
Mod
Debugger can bypass XrayWrappers with JavaScript
Mod
Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Mod
Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Mod
Use-after-free and out of bounds issues found using Address Sanitizer
Mod
Use-after-free and out of bounds issues found using Address Sanitizer
Mod
Use-after-free in Event Listener Manager
Mod
Use-after-free with SMIL Animation Controller
Mod
Use-after-free with SMIL Animation Controller
Mod
Buffer overflow in Web Audio Speex resampler
Mod
Buffer overflow in Gamepad API
Mod
Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Mod
Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Mod
Buffer overflow during Web Audio buffering for playback
Mod
Buffer overflow during Web Audio buffering for playback
Mod
Use-after-free in Web Audio due to incorrect control message ordering
Mod
Use-after-free in Web Audio due to incorrect control message ordering
Mod
Use-after-free in DirectWrite font handling
Mod
Use-after-free in DirectWrite font handling
Mod
Toolbar dialog customization event spoofing
Mod
Use-after-free with FireOnStateChange event
Mod
Use-after-free with FireOnStateChange event
Mod
Exploitable WebGL crash with Cesium JavaScript library
Mod
Exploitable WebGL crash with Cesium JavaScript library
Mod
Use-after-free while when manipulating certificates in the trusted cache
Mod
Use-after-free while when manipulating certificates in the trusted cache
Mod
Crash in Skia library when scaling high quality images
Mod
Crash in Skia library when scaling high quality images
Mod
Certificate parsing broken by non-standard character encoding
Mod
Certificate parsing broken by non-standard character encoding
Mod
IFRAME sandbox same-origin access through redirect
Mod
IFRAME sandbox same-origin access through redirect
Mod
Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Mod
Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Mod
Use-after-free during DOM interactions with SVG
Mod
Use-after-free during DOM interactions with SVG
Mod
Uninitialized memory use during GIF rendering
Mod
Uninitialized memory use during GIF rendering
Mod
Out-of-bounds read in Web Audio audio timeline
Mod
Out-of-bounds read in Web Audio audio timeline
Mod
Use-after-free setting text directionality
Mod
Use-after-free setting text directionality
Mod
RSA Signature Forgery in NSS
Mod
RSA Signature Forgery in NSS
Mod
Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Mod
Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Mod
Buffer overflow during CSS manipulation
Mod
Buffer overflow during CSS manipulation
Mod
Web Audio memory corruption issues with custom waveforms
Mod
Web Audio memory corruption issues with custom waveforms
Mod
Out-of-bounds write with WebM video
Mod
Out-of-bounds write with WebM video
Mod
Further uninitialized memory use during GIF rendering
Mod
Use-after-free interacting with text directionality
Mod
Use-after-free interacting with text directionality
Mod
Key pinning bypasses
Mod
Inconsistent video sharing within iframe
Mod
Inconsistent video sharing within iframe
Mod
Accessing cross-origin objects via the Alarms API
Mod
Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Mod
Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Mod
XBL bindings accessible via improper CSS declarations
Mod
XMLHttpRequest crashes with some input streams
Mod
XMLHttpRequest crashes with some input streams
Mod
CSP leaks redirect data via violation reports
Mod
Use-after-free during HTML5 parsing
Mod
Use-after-free during HTML5 parsing
Mod
Buffer overflow while parsing media content
Mod
Buffer overflow while parsing media content
Mod
Bad casting from the BasicThebesLayer to BasicContainerLayer
Mod
Bad casting from the BasicThebesLayer to BasicContainerLayer
Mod
Privileged access to security wrapped protected objects
Mod
Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Mod
Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Mod
Uninitialized memory use during bitmap rendering
Mod
sendBeacon requests lack an Origin header
Mod
sendBeacon requests lack an Origin header
Mod
Cookie injection through Proxy Authenticate responses
Mod
Cookie injection through Proxy Authenticate responses
Mod
Read of uninitialized memory in Web Audio
Mod
Read-after-free in WebRTC
Mod
Gecko Media Plugin sandbox escape
Mod
Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension
Mod
XrayWrapper bypass through DOM objects
Mod
Update OpenH264 plugin to version 1.3
Mod
Arbitrary file manipulation by local user through Mozilla updater
Mod
Arbitrary file manipulation by local user through Mozilla updater
Mod
Buffer overflow in libvpx while parsing vp9 format video
Mod
Buffer overflow in libvpx while parsing vp9 format video
Mod
Crash when using debugger with SavedStacks in JavaScript
Mod
URL spoofing in reader mode
Mod
Use-after-free with shared workers and IndexedDB
Mod
Buffer overflow while decoding WebM video
Mod
Buffer overflow while decoding WebM video
Mod
Use-after-free while manipulating HTML media content
Mod
Use-after-free while manipulating HTML media content
Mod
Scripted proxies can access inner window
Mod
JavaScript immutable property enforcement can be bypassed
Mod
Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
Mod
Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
Mod
Dragging and dropping images exposes final URL after redirects
Mod
Dragging and dropping images exposes final URL after redirects
Mod
Errors in the handling of CORS preflight request headers
Mod
Errors in the handling of CORS preflight request headers
Mod
Vulnerabilities found through code inspection
Mod
Vulnerabilities found through code inspection
Mod
Memory safety errors in libGLES in the ANGLE graphics library
Mod
Memory safety errors in libGLES in the ANGLE graphics library
Mod
Information disclosure via the High Resolution Time API
Mod
Cross-origin restriction bypass using Fetch
Mod
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
Mod
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
Mod
Information disclosure through NTLM authentication
Mod
CSP bypass due to permissive Reader mode whitelist
Mod
Invoking Mozilla updater will load locally stored DLL files
Mod
Invoking Mozilla updater will load locally stored DLL files
Mod
Disabling scripts in Add-on SDK panels has no effect
Mod
Trailing whitespace in IP address hostnames can bypass same-origin policy
Mod
Trailing whitespace in IP address hostnames can bypass same-origin policy
Mod
Buffer overflow during image interactions in canvas
Mod
Buffer overflow during image interactions in canvas
Mod
CORS preflight is bypassed when non-standard Content-Type headers are received
Mod
CORS preflight is bypassed when non-standard Content-Type headers are received
Mod
Memory corruption in libjar through zip files
Mod
Memory corruption in libjar through zip files
Mod
Certain escaped characters in host of Location-header are being treated as non-escaped
Mod
Appended period to hostnames can bypass HPKP and HSTS protections
Mod
JavaScript garbage collection crash with Java applet
Mod
Vulnerabilities found through code inspection
Mod
Vulnerabilities found through code inspection
Mod
Mixed content WebSocket policy bypass through workers
Mod
Mixed content WebSocket policy bypass through workers
Mod
NSS and NSPR memory corruption issues
Mod
NSS and NSPR memory corruption issues
Mod
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Mod
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Mod
Crash with JavaScript variable assignment with unboxed objects
Mod
Same-origin policy violation using performance.getEntries and history navigation
Mod
Firefox allows for control characters to be set in cookies
Mod
Use-after-free in WebRTC when datachannel is used after being destroyed
Mod
Integer overflow allocating extremely large textures
Mod
Integer overflow allocating extremely large textures
Mod
Malicious WebGL content crash when writing strings
Mod
Cross-origin information leak through web workers error events
Mod
Hash in data URI is incorrectly parsed
Mod
DOS due to malformed frames in HTTP/2
Mod
Linux file chooser crashes on malformed images due to flaws in Jasper library
Mod
Buffer overflows found through code inspection
Mod
Underflow through code inspection
Mod
Underflow through code inspection
Mod
Integer overflow in MP4 playback in 64-bit versions
Mod
Integer overflow in MP4 playback in 64-bit versions
Mod
Integer underflow and buffer overflow processing MP4 metadata in libstagefright
Mod
Privilege escalation vulnerabilities in WebExtension APIs
Mod
Cross-site reading attack through data and view-source URIs
Mod
Cross-site reading attack through data and view-source URIs
Mod
TLS TURN and STUN connections silently fail to simple TCP connections
Mod
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
Mod
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
Mod
Use-after-free in IndexedDB
Mod
Use-after-free in IndexedDB
Mod
Buffer overflow in libstagefright during MP4 video playback
Mod
Double-free when using non-default memory allocators with a zero-length XHR
Mod
Out-of-bounds read and write while rendering SVG content
Mod
Out-of-bounds read and write while rendering SVG content
Mod
Buffer overflow during CSS restyling
Mod
Buffer underflow during MP3 playback
Mod
Crash using DrawTarget in Cairo graphics library
Mod
Use-after-free in Developer Console date with OpenType Sanitiser
Mod
Reading of local files through manipulation of form autocomplete
Mod
Reading of local files through manipulation of form autocomplete
Mod
Local files or privileged URLs in pages can be opened into new tabs
Mod
UI Tour whitelisted sites in background tab can spoof foreground tabs
Mod
Caja Compiler JavaScript sandbox bypass
Mod
Privilege escalation through SVG navigation
Mod
Code execution through incorrect JavaScript bounds checking elimination
Mod
Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
Mod
Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
Mod
Add-on lightweight theme installation approval bypassed through MITM attack
Mod
resource:// documents can load privileged pages
Mod
resource:// documents can load privileged pages
Mod
Out of bounds read in QCMS library
Mod
Incorrect memory management for simple-type arrays in WebRTC
Mod
CORS requests should not follow 30x redirections after preflight
Mod
CORS requests should not follow 30x redirections after preflight
Mod
Memory corruption crashes in Off Main Thread Compositing
Mod
Use-after-free due to type confusion flaws
Mod
Same-origin bypass through anchor navigation
Mod
Same-origin bypass through anchor navigation
Mod
PRNG weakness allows for DNS poisoning on Android
Mod
Windows can retain access to privileged content on navigation to unprivileged pages
Mod
Loading privileged content through Reader mode
Mod
Certificate verification bypass through the HTTP/2 Alt-Svc header
Mod
Memory corruption during failed plugin initialization
Mod
Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Mod
Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Mod
Buffer overflow parsing H.264 video with Linux Gstreamer
Mod
Buffer overflow parsing H.264 video with Linux Gstreamer
Mod
Buffer overflow with SVG content and CSS
Mod
Buffer overflow with SVG content and CSS
Mod
Referrer policy ignored when links opened by middle-click and context menu
Mod
Out-of-bounds read and write in asm.js validation
Mod
Use-after-free during text processing with vertical text enabled
Mod
Use-after-free during text processing with vertical text enabled
Mod
Use-after-free due to Media Decoder Thread creation during shutdown
Mod
Buffer overflow when parsing compressed XML
Mod
Buffer overflow when parsing compressed XML
Mod
Buffer overflow and out-of-bounds read while parsing MP4 video metadata
Mod
Untrusted site hosting trusted page can intercept webchannel responses
Mod
Privilege escalation through IPC channel messages
Mod
Privilege escalation through IPC channel messages
Mod
Mozilla Windows updater can be run outside of application directory
Mod
Mozilla Windows updater can be run outside of application directory
Mod
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
Mod
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
Mod
Local files or privileged URLs in pages can be opened into new tabs
Mod
Type confusion in Indexed Database Manager
Mod
Out-of-bound read while computing an oscillator rendering range in Web Audio
Mod
Use-after-free in Content Policy due to microtask execution error
Mod
Use-after-free in Content Policy due to microtask execution error
Mod
ECDSA signature validation fails to handle some signatures correctly
Mod
Use-after-free in workers while using XMLHttpRequest
Mod
Vulnerabilities found through code inspection
Mod
Vulnerabilities found through code inspection
Mod
Key pinning is ignored when overridable errors are encountered
Mod
Key pinning is ignored when overridable errors are encountered
Mod
OS X crash reports may contain entered key press information
Mod
Privilege escalation through internal workers
Mod
NSS accepts export-length DHE keys with regular DHE cipher suites
Mod
NSS accepts export-length DHE keys with regular DHE cipher suites
Mod
NSS incorrectly permits skipping of ServerKeyExchange
Mod
NSS incorrectly permits skipping of ServerKeyExchange
Mod
Same origin violation and local file stealing via PDF reader
Mod
Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
Mod
Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
Mod
Out-of-bounds read with malformed MP3 file
Mod
Use-after-free in MediaStream playback
Mod
Redefinition of non-configurable JavaScript object properties
Mod
Overflow issues in libstagefright
Mod
Arbitrary file overwriting through Mozilla Maintenance Service with hard links
Mod
Arbitrary file overwriting through Mozilla Maintenance Service with hard links
Mod
Out-of-bounds write with Updater and malicious MAR file
Mod
Out-of-bounds write with Updater and malicious MAR file
Mod
Feed protocol with POST bypasses mixed content protections
Mod
Crash when using shared memory in JavaScript
Mod
Heap overflow in gdk-pixbuf when scaling bitmap images
Mod
Heap overflow in gdk-pixbuf when scaling bitmap images
Mod
Buffer overflows on Libvpx when decoding WebM video
Mod
Vulnerabilities found through code inspection
Mod
Vulnerabilities found through code inspection
Mod
Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification
Mod
Use-after-free in XMLHttpRequest with shared workers
Mod
Integer overflows in libstagefright while processing MP4 video metadata
Mod
Use-after-free when resizing canvas element during restyling
Mod
Add-on notification bypass through data URLs
Mod
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
Mod
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
Mod
Memory leak in mozTCPSocket to servers
Mod
Out of bounds read in QCMS library with ICC V4 profile attributes
Mod
Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
Mod
Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
Mod
Out of Memory crash when parsing GIF format images
Mod
Buffer overflow in WebGL after out of memory allocation
Mod
Buffer overflow in WebGL after out of memory allocation
Mod
Firefox allows for control characters to be set in cookie names
Mod
Missing delay following user click events in protocol handler dialog
Mod
Errors in mp_div and mp_exptmod cryptographic functions in NSS
Mod
Addressbar spoofing attacks
Mod
Unsafe memory manipulation found through code inspection
Mod
Application Reputation service disabled in Firefox 43
Mod
Same-origin-policy violation using Service Workers with plugins
Mod
Vulnerabilities in Graphite 2
Mod
Vulnerabilities in Graphite 2
Mod
Use-after-free in NSS during SSL connections in low memory
Mod
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
Mod
Local file overwriting and potential privilege escalation through CSP reports
Mod
CSP reports fail to strip location information for embedded iframe pages
Mod
Memory leak in libstagefright when deleting an array during MP4 processing
Mod
Displayed page address can be overridden
Mod
Service Worker Manager out-of-bounds read in Service Worker Manager
Mod
Use-after-free in HTML5 string parser
Mod
Use-after-free in SetBody
Mod
Use-after-free when using multiple WebRTC data channels
Mod
Memory corruption when modifying a file being read by FileReader
Mod
Use-after-free during XML transformations
Mod
Addressbar spoofing though history navigation and Location protocol property
Mod
Same-origin policy violation using performance.getEntries and history navigation with session restore
Mod
Buffer overflow in Brotli decompression
Mod
Memory corruption with malicious NPAPI plugin
Mod
WebRTC and LibVPX vulnerabilities found through code inspection
Mod
Use-after-free in GetStaticInstance in WebRTC
Mod
Out-of-bounds read in HTML parser following a failed allocation
Mod
Buffer overflow during ASN.1 decoding in NSS
Mod
Use-after-free during processing of DER encoded keys in NSS
Mod
Font vulnerabilities in the Graphite 2 library
Mod
Out-of-bounds write with malicious font in Graphite 2
Mod
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
Mod
Local file overwriting and potential privilege escalation through CSP reports
Mod
Memory leak in libstagefright when deleting an array during MP4 processing
Mod
Use-after-free in HTML5 string parser
Mod
Use-after-free in SetBody
Mod
Use-after-free during XML transformations
Mod
Memory corruption with malicious NPAPI plugin
Mod
Out-of-bounds read in HTML parser following a failed allocation
Mod
Buffer overflow during ASN.1 decoding in NSS
Mod
Font vulnerabilities in the Graphite 2 library
Mod
Security Vulnerabilities in APSB15-18 for Adobe Flash Player
Mod
Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
Mod
Privilege escalation through file deletion by Maintenance Service updater
Mod
Use-after-free and buffer overflow in Service Workers
Mod
Buffer overflow in libstagefright with CENC offsets
Mod
CSP not applied to pages sent with multipart/x-mixed-replace
Mod
Elevation of privilege with chrome.tabs.update API in web extensions
Mod
Write to invalid HashMap entry through JavaScript.watch()
Mod
Firefox Health Reports could accept events from untrusted domains
Mod
Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
Mod
Buffer overflow parsing HTML5 fragments
Mod
Use-after-free deleting tables from a contenteditable document
Mod
Addressbar spoofing though the SELECT element
Mod
Out-of-bounds write with WebGL shader
Mod
Partial same-origin-policy through setting location.host through data URI
Mod
File overwrite and privilege escalation through Mozilla Windows updater
Mod
Use-after-free when textures are used in WebGL operations after recycle pool destruction
Mod
Incorrect icon displayed on permissions notifications
Mod
Entering fullscreen and persistent pointerlock without user permission
Mod
Information disclosure of disabled plugins through CSS pseudo-classes
Mod
Java applets bypass CSP protections
Mod
Miscellaneous memory safety hazards (rv:48.0 / rv:45.3)
Mod
Network Security Services (NSS) vulnerabilities
Mod
Favicon network connection can persist when page is closed
Mod
Buffer overflow rendering SVG with bidirectional content
Mod
Location bar spoofing via data URLs with malformed/invalid mediatypes
Mod
Stack underflow during 2D graphics rendering
Mod
Out-of-bounds read during XML parsing in Expat library
Mod
Arbitrary file manipulation by local user through Mozilla updater and callback application path parameter
Mod
Use-after-free when using alt key and toplevel menus
Mod
Crash in incremental garbage collection in JavaScript
Mod
Use-after-free in DTLS during WebRTC session shutdown
Mod
Use-after-free in service workers with nested sync events
Mod
Form input type change from password to text can store plain text password in session restore file
Mod
Integer overflow in WebSockets during data buffering
Mod
Scripts on marquee tag can execute in sandboxed iframes
Mod
Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback
Mod
Type confusion in display transformation
Mod
Use-after-free when applying SVG effects
Mod
Same-origin policy violation using local HTML file and saved shortcut file
Mod
Information disclosure and local file manipulation through drag and drop
Mod
Spoofing attack through text injection into internal error pages
Mod
Information disclosure through Resource Timing API during page navigation
Mod
PostgreSQL: Certain nested CASE/WHEN expressions can crash server
Mod
PostgreSQL: Exceptional database and role names could enable escalation to superuser
Mod
PostgreSQL: Plan cache might use wrong role context for RLS policy
Mod
PostgreSQL: pageinspect does not check permissions for BRIN indexes
Mod
Security vulnerabilities fixed in Firefox 49
Mod
Security vulnerabilities fixed in Firefox ESR 45.4
Mod
Security vulnerabilities fixed in Firefox 49.0.2
Mod
Security vulnerabilities fixed in Thunderbird 45.4
Mod
Security vulnerabilities fixed in Firefox ESR 45.5
Mod
Security vulnerabilities fixed in Firefox 50
Mod
Security vulnerabilities fixed in Firefox 50.0.1
Mod
Firefox SVG Animation Remote Code Execution
Mod
Firefox SVG Animation Remote Code Execution
Mod
Security vulnerabilities fixed in Thunderbird 45.5
Mod
Security update available for Adobe Reader APSB13-02
Mod
Security update available for Adobe Acrobat APSB13-02
Mod
Security update available for Adobe Reader APSB13-15
Mod
Security update available for Adobe Acrobat APSB13-15
Mod
Security update available for Adobe Reader APSB14-01
Mod
Security update available for Adobe Acrobat APSB14-01
Mod
Security update available for Adobe Reader APSB14-15
Mod
Security update available for Adobe Acrobat APSB14-15
Mod
Security update available for Adobe Reader APSB14-19
Mod
Security update available for Adobe Acrobat APSB14-19
Mod
Security update available for Adobe Acrobat APSB16-02
Mod
Security update available for Adobe Reader APSB16-02
Mod
Security update available for Adobe Acrobat APSB16-09
Mod
Security update available for Adobe Reader APSB16-09
Mod
Security update available for Adobe Acrobat APSB16-14
Mod
Security update available for Adobe Reader APSB16-14
Mod
Security update available for Adobe Acrobat APSB16-26
Mod
Security update available for Adobe Reader APSB16-26
Mod
Security update available for Adobe Acrobat APSB16-33
Mod
Security update available for Adobe Reader APSB16-33
Mod
Security vulnerabilities fixed in Firefox 50.1
Mod
Security vulnerabilities fixed in Firefox ESR 45.6
Mod
Security vulnerabilities fixed in Thunderbird 45.6
Mod
Security update available for Adobe Acrobat APSB17-01
Mod
Security update available for Adobe Reader APSB17-01
Mod
Security vulnerabilities fixed in Firefox 51
Mod
Security vulnerabilities fixed in Firefox ESR 45.7
Mod
Security vulnerabilities fixed in Thunderbird 45.7
Mod
Security vulnerabilities fixed in Firefox 52
Mod
Security vulnerabilities fixed in Firefox ESR 45.8
Mod
Security vulnerabilities fixed in Thunderbird 45.8
Mod
integer overflow in createImageBitmap()
Mod
Security update available for Adobe Acrobat APSB17-11
Mod
Security update available for Adobe Reader APSB17-11
Mod
Security vulnerabilities fixed in - Thunderbird 52
Mod
Security vulnerabilities fixed in Firefox 53
Mod
Security vulnerabilities fixed in Firefox ESR 45.9
Mod
Security vulnerabilities fixed in Firefox ESR 52.1
Mod
Security vulnerabilities fixed in Thunderbird 52.1
Mod
Use after free in ANGLE
Mod
Security Vulnerabilities in APSB17-15 for Adobe Flash Player
Mod
Windows GDI Information Disclosure Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Dxgkrnl.sys Elevation of Privilege Vulnerability
Mod
Microsoft ActiveX Information Disclosure Vulnerability
Mod
Windows Kernel Elevation of Privilege Vulnerability
Mod
Win32k Information Disclosure Vulnerability
Mod
Win32k Elevation of Privilege Vulnerability
Mod
.Net Security Feature Bypass Vulnerability
Mod
Microsoft Office Memory Corruption Vulnerability
Mod
Microsoft SharePoint XSS Vulnerability
Mod
Windows Kernel Information Disclosure Vulnerability
Mod
Windows Kernel Information Disclosure Vulnerability
Mod
Microsoft Office Remote Code Execution Vulnerability
Mod
Microsoft Office Remote Code Execution Vulnerability
Mod
Win32k Elevation of Privilege Vulnerability
Mod
Internet Explorer Security Feature Bypass Vulnerability
Mod
Windows DNS Server Denial of Service Vulnerability
Mod
Windows Kernel Information Disclosure Vulnerability
Mod
Windows Hyper-V vSMB Elevation of Privilege Vulnerability
Mod
Windows COM Elevation of Privilege Vulnerability
Mod
Windows COM Elevation of Privilege Vulnerability
Mod
Windows Kernel Information Disclosure Vulnerability
Mod
Microsoft Edge Memory Corruption Vulnerability
Mod
Internet Explorer Memory Corruption Vulnerability
Mod
Internet Explorer Memory Corruption Vulnerability
Mod
Microsoft Edge Memory Corruption Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Microsoft Browser Spoofing Vulnerability
Mod
Microsoft Edge Elevation of Privilege Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Scripting Engine Memory Corruption Vulnerability
Mod
Microsoft Edge Memory Corruption Vulnerability
Mod
Microsoft Edge Elevation of Privilege Vulnerability
Mod
May Flash Security Update
Mod
Microsoft Office Memory Corruption Vulnerability
Mod
Microsoft Office Memory Corruption Vulnerability
Mod
Microsoft Edge Remote Code Execution Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Denial of Service Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Remote Code Execution Vulnerability
Mod
Windows SMB Denial of Service Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Information Disclosure Vulnerability
Mod
Windows SMB Remote Code Execution Vulnerability
Mod
Windows SMB Remote Code Execution Vulnerability
Mod
Windows SMB Remote Code Execution Vulnerability
Mod
Windows SMB Denial of Service Vulnerability
Mod
Microsoft Office Remote Code Execution Vulnerability
Mod
PostgreSQL: selectivity estimators bypass SELECT privilege checks
Mod
PostgreSQL: libpq ignores PGREQUIRESSL environment variable
Mod
PostgreSQL: pg_user_mappings view discloses foreign server passwords
Mod
PostgreSQL: Interactive installer downloads software over plain HTTP, then executes it
Mod
Security vulnerabilities fixed in Firefox 54
Mod
Security vulnerabilities fixed in Firefox ESR 52.2
Mod
Security vulnerabilities fixed in Thunderbird 52.2
Mod
Security patch #74603 available for PHP
Mod
Security patch #68819 available for PHP
Mod