Mozilla Firefox vulnerabilities
3,148 known vulnerabilities affecting mozilla/firefox.
Total CVEs
3,148
CISA KEV
17
actively exploited
Public exploits
122
Exploited in wild
22
Severity breakdown
CRITICAL862HIGH921MEDIUM1295LOW70
Vulnerabilities
Page 71 of 158
CVE-2017-5459CRITICALCVSS 9.8fixed in 45.9.0fixed in 53.0+2 more2018-06-11
CVE-2017-5459 [CRITICAL] CWE-119 CVE-2017-5459: A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash.
A buffer overflow in WebGL triggerable by web content, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2017-5438CRITICALCVSS 9.8fixed in 45.9.0fixed in 53.0+2 more2018-06-11
CVE-2017-5438 [CRITICAL] CWE-416 CVE-2017-5438: A use-after-free vulnerability during XSLT processing due to the result handler being held by a free
A use-after-free vulnerability during XSLT processing due to the result handler being held by a freed handler during handling. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
nvd
CVE-2018-5102CRITICALCVSS 9.8fixed in 58.0fixed in 52.6.0+1 more2018-06-11
CVE-2018-5102 [CRITICAL] CWE-416 CVE-2018-5102: A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, r
A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.6, Firefox ESR < 52.6, and Firefox < 58.
nvd
CVE-2017-7749CRITICALCVSS 9.8fixed in 54.0fixed in 52.2.0+1 more2018-06-11
CVE-2017-7749 [CRITICAL] CWE-416 CVE-2017-7749: A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2017-7757CRITICALCVSS 9.8fixed in 52.2.0fixed in 54.0+1 more2018-06-11
CVE-2017-7757 [CRITICAL] CWE-416 CVE-2017-7757: A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a m
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
nvd
CVE-2018-5101HIGHCVSS 7.5≤ 57.0.4≥ unspecified, < 582018-06-11
CVE-2018-5101 [HIGH] CWE-416 CVE-2018-5101: A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, r
A use-after-free vulnerability can occur when manipulating floating "first-letter" style elements, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
nvdosv
CVE-2017-7797HIGHCVSS 7.5fixed in 55.0≥ unspecified, < 552018-06-11
CVE-2017-7797 [HIGH] CWE-346 CVE-2017-7797: Response header name interning does not have same-origin protections and these headers are stored in
Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox < 55.
nvdosv
CVE-2017-5381HIGHCVSS 7.5fixed in 51.0≥ unspecified, < 512018-06-11
CVE-2017-5381 [HIGH] CWE-22 CVE-2017-5381: The "export" function in the Certificate Viewer can force local filesystem navigation when the "comm
The "export" function in the Certificate Viewer can force local filesystem navigation when the "common name" in a certificate contains slashes, allowing certificate content to be saved in unsafe locations with an arbitrary filename. This vulnerability affects Firefox < 51.
nvdosv
CVE-2018-5177HIGHCVSS 7.5fixed in 60.0≥ unspecified, < 602018-06-11
CVE-2018-5177 [HIGH] CWE-119 CVE-2018-5177: A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocate
A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. This vulnerability affects Firefox < 60.
nvdosv
CVE-2016-9072HIGHCVSS 7.5fixed in 50.0≥ unspecified, < 502018-06-11
CVE-2016-9072 [HIGH] CWE-254 CVE-2016-9072: When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI
When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.
nvd
CVE-2017-7790HIGHCVSS 7.5fixed in 55.0≥ unspecified, < 552018-06-11
CVE-2017-7790 [HIGH] CVE-2017-7790: On Windows systems, if non-null-terminated strings are copied into the crash reporter for some speci
On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affec
nvd
CVE-2017-7813HIGHCVSS 8.2≤ 55.0.3≥ unspecified, < 562018-06-11
CVE-2017-7813 [HIGH] CWE-125 CVE-2017-7813: Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from o
Inside the JavaScript parser, a cast of an integer to a narrower type can result in data read from outside the buffer being parsed. This usually results in a non-exploitable crash, but can leak a limited amount of information from memory if it matches JavaScript identifier syntax. This vulnerability affects Firefox < 56.
nvdosv
CVE-2018-5180HIGHCVSS 7.5fixed in 60.0≥ unspecified, < 602018-06-11
CVE-2018-5180 [HIGH] CWE-416 CVE-2018-5180: A use-after-free vulnerability can occur during WebGL operations. While this results in a potentiall
A use-after-free vulnerability can occur during WebGL operations. While this results in a potentially exploitable crash, the vulnerability is limited because the memory is freed and reused in a brief window of time during the freeing of the same callstack. This vulnerability affects Firefox < 60.
nvdosv
CVE-2017-5406HIGHCVSS 7.5fixed in 52.0≥ unspecified, < 522018-06-11
CVE-2017-5406 [HIGH] CWE-119 CVE-2017-5406: A segmentation fault can occur in the Skia graphics library during some canvas operations due to iss
A segmentation fault can occur in the Skia graphics library during some canvas operations due to issues with mask/clip intersection and empty masks. This vulnerability affects Firefox < 52 and Thunderbird < 52.
nvdosv
CVE-2017-5388HIGHCVSS 7.5fixed in 51.0≥ unspecified, < 512018-06-11
CVE-2017-5388 [HIGH] CWE-770 CVE-2017-5388: A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to
A STUN server in conjunction with a large number of "webkitRTCPeerConnection" objects can be used to send large STUN packets in a short period of time due to a lack of rate limiting being applied on e10s systems, allowing for a denial of service attack. This vulnerability affects Firefox < 51.
nvdosv
CVE-2017-7794HIGHCVSS 7.8fixed in 55.0≥ unspecified, < 552018-06-11
CVE-2017-7794 [HIGH] CWE-276 CVE-2017-7794: On Linux systems, if the content process is compromised, the sandbox broker will allow files to be t
On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating systems are not affected. This vulnerability affects Firefox < 5
nvdosv
CVE-2018-5125HIGHCVSS 8.8fixed in 52.7.0fixed in 59.0+1 more2018-06-11
CVE-2018-5125 [HIGH] CWE-119 CVE-2018-5125: Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evide
Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59.
nvdosv
CVE-2017-5411HIGHCVSS 7.5fixed in 52.0≥ unspecified, < 522018-06-11
CVE-2017-5411 [HIGH] CWE-416 CVE-2017-5411: A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used
A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. Note: This issue is in "libGLES", which is only in use on Windows. Other operating systems are not affected. This vulne
nvd
CVE-2018-5093HIGHCVSS 7.5≤ 57.0.4≥ unspecified, < 582018-06-11
CVE-2018-5093 [HIGH] CWE-119 CVE-2018-5093: A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resultin
A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 58.
nvdosv
CVE-2016-5295HIGHCVSS 7.8fixed in 50.0≥ unspecified, < 502018-06-11
CVE-2016-5295 [HIGH] CWE-264 CVE-2016-5295: This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege b
This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects
nvd