Total
2647 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-9817 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | |||||
CVE-2019-9816 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | |||||
CVE-2019-9815 | 2 Apple, Mozilla | 4 Macos, Firefox, Firefox Esr and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | |||||
CVE-2019-9814 | 1 Mozilla | 1 Firefox | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 67. | |||||
CVE-2019-9813 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. | |||||
CVE-2019-9812 | 1 Mozilla | 2 Firefox, Firefox Esr | 2024-11-21 | 5.8 MEDIUM | 9.3 CRITICAL |
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered. This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69. | |||||
CVE-2019-9811 | 4 Debian, Mozilla, Novell and 1 more | 6 Debian Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 5.1 MEDIUM | 8.3 HIGH |
As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. | |||||
CVE-2019-9810 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Thunderbird and 4 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1. | |||||
CVE-2019-9809 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for a denial of service (DOS) attack. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9808 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which site is asking for this permission. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9807 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9806 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A vulnerability exists during authorization prompting for FTP transaction where successive modal prompts are displayed and cannot be immediately dismissed. This allows for a denial of service (DOS) attack. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9805 | 1 Mozilla | 1 Firefox | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A latent vulnerability exists in the Prio library where data may be read from uninitialized memory for some functions, leading to potential memory corruption. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9804 | 2 Apple, Mozilla | 2 Mac Os X, Firefox | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9803 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
The Upgrade-Insecure-Requests (UIR) specification states that if UIR is enabled through Content Security Policy (CSP), navigation to a same-origin URL must be upgraded to HTTPS. Firefox will incorrectly navigate to an HTTP URL rather than perform the security upgrade requested by the CSP in some circumstances, allowing for potential man-in-the-middle attacks on the linked resources. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9802 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9801 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. | |||||
CVE-2019-9800 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Mozilla developers and community members reported memory safety bugs present in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | |||||
CVE-2019-9799 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Insufficient bounds checking of data during inter-process communication might allow a compromised content process to be able to read memory from the parent process under certain conditions. This vulnerability affects Firefox < 66. | |||||
CVE-2019-9798 | 2 Google, Mozilla | 2 Android, Firefox | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66. |