Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-5123

Summary
Assigner-mozilla
Assigner Org ID-f16b083a-5664-49f3-a51e-8d479e5ed7fe
Published At-29 Apr, 2019 | 15:34
Updated At-05 Aug, 2024 | 05:26
Rejected At-
Credits

A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mozilla
Assigner Org ID:f16b083a-5664-49f3-a51e-8d479e5ed7fe
Published At:29 Apr, 2019 | 15:34
Updated At:05 Aug, 2024 | 05:26
Rejected At:
▼CVE Numbering Authority (CNA)

A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.

Affected Products
Vendor
Mozilla CorporationMozilla
Product
Bugzilla
Versions
Affected
  • All versions prior to Bugzilla 4.4
Problem Types
TypeCWE IDDescription
textN/AImproper Access Control
Type: text
CWE ID: N/A
Description: Improper Access Control
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123
x_refsource_CONFIRM
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123
x_refsource_CONFIRM
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mozilla.org
Published At:29 Apr, 2019 | 16:29
Updated At:08 May, 2019 | 14:18

A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.8HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Mozilla Corporation
mozilla
>>bugzilla>>Versions before 4.4(exclusive)
cpe:2.3:a:mozilla:bugzilla:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-352Primarynvd@nist.gov
CWE ID: CWE-352
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123security@mozilla.org
Issue Tracking
Exploit
Patch
Vendor Advisory
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=CVE-2018-5123
Source: security@mozilla.org
Resource:
Issue Tracking
Exploit
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2777Records found
CVE-2020-6801
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.56% / 67.09%
||
7 Day CHG~0.00%
Published-02 Mar, 2020 | 04:05
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-6806
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-5.21% / 89.55%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 21:14
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-125
Out-of-bounds Read
CVE-2009-1307
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.37% / 79.46%
||
7 Day CHG~0.00%
Published-22 Apr, 2009 | 18:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxthunderbirdseamonkeyn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-6819
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-0.35% / 56.74%
||
7 Day CHG~0.00%
Published-24 Apr, 2020 | 15:56
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefox_esrthunderbirdfirefoxThunderbirdFirefoxFirefox ESRFirefox and Thunderbird
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-6800
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.04% / 76.48%
||
7 Day CHG~0.00%
Published-02 Mar, 2020 | 04:05
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrThunderbirdFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2009-0689
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-6.8||MEDIUM
EPSS-41.05% / 97.29%
||
7 Day CHG~0.00%
Published-01 Jul, 2009 | 12:26
Updated-07 Aug, 2024 | 04:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.

Action-Not Available
Vendor-k-meleon_projectn/aFreeBSD FoundationOpenBSDMozilla CorporationNetBSD
Product-freebsdfirefoxseamonkeyopenbsdnetbsdk-meleonn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-43539
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.54% / 66.65%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 21:20
Updated-04 Aug, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.

Action-Not Available
Vendor-Debian GNU/LinuxMozilla Corporation
Product-firefoxthunderbirddebian_linuxfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2019-17012
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.24% / 78.41%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:24
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Action-Not Available
Vendor-Canonical Ltd.openSUSEMozilla Corporation
Product-ubuntu_linuxthunderbirdfirefoxfirefox_esrleapThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2009-0253
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.48% / 80.20%
||
7 Day CHG~0.00%
Published-22 Jan, 2009 | 18:00
Updated-07 Aug, 2024 | 04:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxn/a
CVE-2019-17017
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.78%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:27
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopFirefoxFirefox ESR
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-17008
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.85% / 74.02%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:17
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Action-Not Available
Vendor-openSUSEMozilla Corporation
Product-firefoxthunderbirdfirefox_esrleapThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
CVE-2019-17024
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.78% / 81.93%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:31
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Canonical Ltd.openSUSEMozilla Corporation
Product-enterprise_linux_serverubuntu_linuxdebian_linuxfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusenterprise_linux_desktopleapFirefoxFirefox ESR
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17019
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.48% / 64.08%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:28
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 72.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsFirefox
CVE-2019-17005
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.66% / 81.31%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:14
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The plain text serializer used a fixed-size array for the number of <ol> elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Action-Not Available
Vendor-Canonical Ltd.openSUSEMozilla Corporation
Product-ubuntu_linuxthunderbirdfirefoxfirefox_esrleapThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17026
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-48.80% / 97.68%
||
7 Day CHG~0.00%
Published-02 Mar, 2020 | 04:05
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1.

Action-Not Available
Vendor-Canonical Ltd.Mozilla Corporation
Product-thunderbirdfirefoxubuntu_linuxThunderbirdFirefoxFirefox ESRFirefox and Thunderbird
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-17013
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.40% / 59.95%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:25
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 70. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 71.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17025
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.57% / 67.71%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:31
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 72.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17015
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.93% / 75.17%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 21:26
Updated-05 Aug, 2024 | 01:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsfirefox_esrFirefoxFirefox ESR
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11711
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-2.26% / 83.96%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 13:19
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

Action-Not Available
Vendor-Debian GNU/LinuxMozilla Corporation
Product-firefoxthunderbirddebian_linuxfirefox_esrFirefoxFirefox ESRThunderbird
CVE-2019-11764
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.07% / 76.84%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 20:02
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11751
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.60% / 68.39%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 17:14
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. <br>*Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsfirefox_esrFirefoxFirefox ESR
CWE ID-CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CVE-2019-11740
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.86% / 74.12%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 17:19
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

Action-Not Available
Vendor-Canonical Ltd.openSUSEMozilla Corporation
Product-ubuntu_linuxthunderbirdfirefoxfirefox_esrleapFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11746
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.65% / 69.94%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 17:16
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-416
Use After Free
CVE-2019-11738
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-6.3||MEDIUM
EPSS-0.58% / 68.06%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 17:19
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox < 69 and Firefox ESR < 68.1.

Action-Not Available
Vendor-openSUSEMozilla Corporation
Product-firefoxfirefox_esrleapFirefoxFirefox ESR
CVE-2019-11756
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.23% / 45.56%
||
7 Day CHG+0.02%
Published-08 Jan, 2020 | 19:23
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2019-11696
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.18%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 13:22
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Files with the .JNLP extension used for "Java web start" applications are not treated as executable content for download prompts even though they can be executed if Java is installed on the local system. This could allow users to mistakenly launch an executable binary locally. This vulnerability affects Firefox < 67.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-20
Improper Input Validation
CVE-2019-11745
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.62% / 69.08%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 19:22
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Canonical Ltd.Mozilla CorporationSiemens AGopenSUSE
Product-ubuntu_linuxruggedcom_rox_rx1511thunderbirdruggedcom_rox_rx1512_firmwarefirefoxruggedcom_rox_rx1512enterprise_linux_server_ausruggedcom_rox_mx5000_firmwareleapruggedcom_rox_rx1511_firmwareruggedcom_rox_rx1510ruggedcom_rox_rx1400_firmwareruggedcom_rox_rx1400ruggedcom_rox_rx1510_firmwareruggedcom_rox_rx1500ruggedcom_rox_rx5000debian_linuxfirefox_esrruggedcom_rox_rx1501ruggedcom_rox_mx5000ruggedcom_rox_rx1500_firmwareruggedcom_rox_rx1501_firmwareruggedcom_rox_rx5000_firmwareThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11760
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.46% / 80.05%
||
7 Day CHG~0.00%
Published-08 Jan, 2020 | 19:51
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-9069
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.99%
||
7 Day CHG~0.00%
Published-18 Oct, 2018 | 13:00
Updated-06 Aug, 2024 | 02:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2016-9896
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-2.43% / 84.53%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-06 Aug, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free while manipulating the "navigator" object within WebVR. Note: WebVR is not currently enabled by default. This vulnerability affects Firefox < 50.1.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-416
Use After Free
CVE-2016-9905
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.24% / 78.38%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-06 Aug, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. This vulnerability affects Firefox ESR < 45.6 and Thunderbird < 45.6.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Mozilla Corporation
Product-enterprise_linux_serverthunderbirddebian_linuxfirefox_esrenterprise_linux_workstationenterprise_linux_desktopThunderbirdFirefox ESR
CWE ID-CWE-284
Improper Access Control
CVE-2016-9070
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8||HIGH
EPSS-0.86% / 74.16%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-06 Aug, 2024 | 02:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A maliciously crafted page loaded to the sidebar through a bookmark can reference a privileged chrome window and engage in limited JavaScript operations violating cross-origin protections. This vulnerability affects Firefox < 50.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CWE ID-CWE-264
Not Available
CVE-2021-38501
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.88% / 74.39%
||
7 Day CHG+0.23%
Published-03 Nov, 2021 | 00:02
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR < 91.2.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbird
CVE-2007-1562
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-29.04% / 96.40%
||
7 Day CHG~0.00%
Published-21 Mar, 2007 | 19:00
Updated-07 Aug, 2024 | 12:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.

Action-Not Available
Vendor-n/aMozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxn/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-38493
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.33% / 55.40%
||
7 Day CHG+0.09%
Published-03 Nov, 2021 | 00:03
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.14, Thunderbird < 78.14, and Firefox < 92.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5146
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-26.24% / 96.10%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxthunderbirdenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5158
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-55.53% / 97.98%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopFirefoxFirefox ESR
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-5178
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-22.30% / 95.59%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxthunderbirddebian_linuxenterprise_linux_server_eusfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopthunderbird_esrThunderbird ESRFirefox ESRThunderbird
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5125
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.10% / 77.17%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxthunderbirdfirefoxfirefox_esrenterprise_linux_workstationenterprise_linux_desktopThunderbirdFirefox ESRFirefox
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-30547
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.73% / 71.85%
||
7 Day CHG~0.00%
Published-15 Jun, 2021 | 21:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

Action-Not Available
Vendor-Mozilla CorporationGoogle LLCFedora ProjectDebian GNU/Linux
Product-chromefirefoxdebian_linuxfedoraChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5130
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.19% / 78.00%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstances a potentially exploitable crash is triggered. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusfirefoxfirefox_esrenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_desktopFirefoxFirefox ESR
CWE ID-CWE-20
Improper Input Validation
CVE-2021-29967
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.18% / 39.25%
||
7 Day CHG~0.00%
Published-24 Jun, 2021 | 13:14
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-29988
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.29% / 52.33%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 19:12
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-29976
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.35% / 56.42%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 19:46
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2007-1084
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.05% / 76.63%
||
7 Day CHG~0.00%
Published-23 Feb, 2007 | 00:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page.

Action-Not Available
Vendor-n/aMozilla Corporation
Product-firefoxn/a
CWE ID-CWE-16
Not Available
CVE-2021-23962
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.34% / 56.14%
||
7 Day CHG~0.00%
Published-26 Feb, 2021 | 02:02
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxFirefox
CVE-2018-18503
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.99% / 82.86%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 21:00
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxFirefox
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-0994
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.50% / 84.73%
||
7 Day CHG~0.00%
Published-06 Mar, 2007 | 00:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, (2) link, or (3) style tag, which bypasses the access checks and executes code with chrome privileges.

Action-Not Available
Vendor-n/aDebian GNU/LinuxMozilla Corporation
Product-firefoxdebian_linuxseamonkeyn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-6820
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.1||HIGH
EPSS-4.41% / 88.57%
||
7 Day CHG~0.00%
Published-24 Apr, 2020 | 15:56
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefox_esrthunderbirdfirefoxThunderbirdFirefoxFirefox ESRFirefox and Thunderbird
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-6807
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-1.42% / 79.79%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 21:13
Updated-04 Aug, 2024 | 09:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxthunderbirdfirefox_esrThunderbirdFirefox ESRFirefox
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 55
  • 56
  • Next
Details not found