VIR Vulnerability Intelligence Relay

Search

Found 418 results in 199ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-8959 critical 9.6 9.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8956 critical 9.8 9.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8953 critical 9.6 9.6 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8950 critical 9.3 9.3 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8401 critical 9.8 9.8 FIX rheldebian debian sles mozilla 8d ago Important: thunderbird security update
CVE-2026-8094 critical 9.8 9.8 FIX rheldebian debian sles mozilla 9d ago RHSA-2026:20566: firefox security update (Important)
CVE-2026-8948 critical 9.1 9.1 FIX debian debian sles mozilla 15d ago Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVE-2026-7321 critical 9.6 9.6 FIX rheldebian debianalmalinux almalinux mozilla 16d ago RHSA-2026:20586: thunderbird security update (Important)
CVE-2026-41512 critical 9.9 9.9 mozilla 26d ago ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in `BrowserAutomati…
CVE-2026-8091 critical 9.8 9.8 FIX debian debian sles mozilla 27d ago Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.…
CVE-2026-5735 critical 9.8 9.8 FIX debian debian sles mozilla 2mo ago Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exp…
CVE-2026-4698 critical 9.8 9.8 FIX rocky rheldebian debian mozilla 2mo ago JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-2786 critical 9.8 9.8 FIX rocky rheldebian debian mozilla 3mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2007-5341 critical 9.8 9.8 mozilla 9y ago Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.
CVE-2017-5461 critical 9.8 9.8 FIX arch arch slesdebian debian mozilla 9y ago Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of…
CVE-2016-5281 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by levera…
CVE-2016-5280 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows rem…
CVE-2016-5277 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary co…
CVE-2016-5276 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote a…
CVE-2016-5274 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute …
CVE-2016-5270 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers …
CVE-2016-5257 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (mem…
CVE-2016-5256 critical 9.8 9.8 FIX arch archdebian debian mozilla 10y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2016-5254 critical 9.8 9.8 FIX slesdebian debian mozilla 10y ago Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of…
CVE-2016-0718 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu mozillasuselibexpat_project 10y ago Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
CVE-2016-1962 critical 9.8 9.8 FIX debian debiansuse suse mozilla 10y ago Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by…
CVE-2016-1946 critical 9.8 9.8 suse suse mozilla 11y ago The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox before 44.0 does not limit the size of read operations, which might allow remote attackers to cause a …
CVE-2016-1944 critical 9.8 9.8 suse suse mozilla 11y ago The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified…
CVE-2016-1931 critical 10.0 10.0 suse suse mozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2016-1930 critical 9.8 9.8 suse suse mozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and a…
CVE-2015-7221 critical 10.0 suse susefedora fedora mozilla 11y ago Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified o…
CVE-2015-7220 critical 10.0 suse susefedora fedora mozilla 11y ago Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact…
CVE-2015-7205 critical 10.0 suse susefedora fedora mozilla 11y ago Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause …
CVE-2015-7203 critical 10.0 suse susefedora fedora mozilla 11y ago Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or…
CVE-2015-7202 critical 10.0 suse susefedora fedora mozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2015-7201 critical 10.0 suse susefedora fedora mozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and a…
CVE-2015-7182 critical 9.8 9.8 FIX debian debian oraclemozilla 11y ago Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 an…
CVE-2015-4516 critical 9.3 mozilla 11y ago Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and modify immutable properties, and consequently execute arbitrary JavaScript c…
CVE-2015-4497 critical 10.0 mozilla 11y ago Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to execute arbitrary code by le…
CVE-2015-4496 critical 9.3 mozilla 11y ago Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CV…
CVE-2015-4493 critical 9.3 ubuntu ubuntususe suse mozilla 11y ago Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute ar…
CVE-2015-4486 critical 10.0 FIX debian debianubuntu ubuntususe suse mozilla 11y ago The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds…
CVE-2015-4485 critical 10.0 FIX debian debianubuntu ubuntususe suse mozilla 11y ago Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malfo…
CVE-2015-4480 critical 9.3 ubuntu ubuntususe suse mozilla 11y ago Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code …
CVE-2015-4479 critical 10.0 ubuntu ubuntususe suse mozilla 11y ago Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video …
CVE-2015-4477 critical 10.0 ubuntu ubuntususe suse mozilla 11y ago Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.
CVE-2015-4474 critical 10.0 ubuntu ubuntususe suse mozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2015-4473 critical 10.0 slesubuntu ubuntudebian debian mozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and a…
CVE-2015-2740 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remot…
CVE-2015-2739 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has …
CVE-2015-2738 critical 10.0 ubuntu ubuntudebian debiansuse suse mozilla 11y ago The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1…
CVE-2015-2737 critical 10.0 ubuntu ubuntudebian debiansuse suse mozilla 11y ago The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from …
CVE-2015-2736 critical 9.3 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which all…
CVE-2015-2735 critical 9.3 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to …
CVE-2015-2734 critical 10.0 ubuntu ubuntudebian debiansuse suse mozilla 11y ago The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 r…
CVE-2015-2733 critical 10.0 suse suse mozilla 11y ago Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbit…
CVE-2015-2731 critical 10.0 mozilla 11y ago Use-after-free vulnerability in the CSPService::ShouldLoad function in the microtask implementation in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allows re…
CVE-2015-2726 critical 10.0 suse suse mozillanovell 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2015-2725 critical 10.0 suse suse novellmozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of servic…
CVE-2015-2724 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cau…
CVE-2015-2722 critical 10.0 suse suse mozillanovell 11y ago Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbit…
CVE-2014-1567 critical 9.3 mozilla 12y ago Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows…
CVE-2014-1563 critical 10.0 suse suse mozilla 12y ago Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers t…
CVE-2014-1562 critical 10.0 mozilla 12y ago Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote …
CVE-2014-1554 critical 10.0 mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2014-1553 critical 10.0 suse suse mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of s…
CVE-2014-1557 critical 9.3 debian debian mozilla 12y ago The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data dur…
CVE-2014-1556 critical 9.3 mozilla 12y ago Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScrip…
CVE-2014-1555 critical 9.3 mozilla 12y ago Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbit…
CVE-2014-1551 critical 10.0 mozilla 12y ago Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arb…
CVE-2014-1550 critical 10.0 mozilla 12y ago Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (hea…
CVE-2014-1549 critical 9.3 mozilla 12y ago The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows…
CVE-2014-1548 critical 10.0 mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and applic…
CVE-2014-1547 critical 10.0 mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of servic…
CVE-2014-1544 critical 10.0 FIX debian debian mozilla 12y ago Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Th…
CVE-2014-1545 critical 10.0 FIX debian debian mozilla 12y ago Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and conso…
CVE-2014-1541 critical 10.0 mozilla 12y ago Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 …
CVE-2014-1540 critical 9.3 mozilla 12y ago Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitr…
CVE-2014-1538 critical 10.0 mozilla 12y ago Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute …
CVE-2014-1537 critical 10.0 mozilla 12y ago Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (…
CVE-2014-1536 critical 10.0 mozilla 12y ago The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecifie…
CVE-2014-1534 critical 10.0 mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2014-1533 critical 10.0 mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of servic…
CVE-2014-1532 critical 9.8 9.8 ubuntu ubuntudebian debian rhel mozilla 12y ago Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonk…
CVE-2014-1528 critical 10.0 ubuntu ubuntususe susefedora fedora mozilla 12y ago The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of ser…
CVE-2014-1525 critical 9.3 ubuntu ubuntususe susefedora fedora mozilla 12y ago The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remot…
CVE-2014-1524 critical 9.8 9.8 ubuntu ubuntudebian debian rhel mozilla 12y ago The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether obj…
CVE-2014-1522 critical 9.3 ubuntu ubuntususe susefedora fedora mozilla 12y ago The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or…
CVE-2014-1519 critical 9.3 ubuntu ubuntususe susefedora fedora mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and applicat…
CVE-2014-1514 critical 9.8 9.8 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a …
CVE-2014-1512 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows r…
CVE-2014-1511 critical 9.8 10.0 EXP ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.
CVE-2014-1510 critical 9.8 10.0 EXP ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript cod…
CVE-2014-1508 critical 9.1 9.1 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive…
CVE-2014-1494 critical 9.3 suse suse mozilla 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and applicat…
CVE-2014-1493 critical 9.8 9.8 ubuntu ubuntudebian debiansuse suse mozillasuse 12y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to c…
CVE-2014-1490 critical 9.3 FIX suse susedebian debianubuntu ubuntu mozillaoracle 13y ago Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24…
CVE-2014-1488 critical 10.0 suse suseubuntu ubuntu mozilla 13y ago The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that ha…
CVE-2014-1486 critical 9.8 9.8 fedora fedorasuse suse rhel mozillasuse 13y ago Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers t…
CVE-2014-1478 critical 10.0 suse suseubuntu ubuntu mozilla 13y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and applicat…