Total
225 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5118 | 7 Canonical, Debian, Graphicsmagick and 4 more | 14 Ubuntu Linux, Debian Linux, Graphicsmagick and 11 more | 2024-11-19 | 10.0 HIGH | 9.8 CRITICAL |
| The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. | |||||
| CVE-2016-5254 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items. | |||||
| CVE-2016-5252 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations. | |||||
| CVE-2016-5262 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox="allow-scripts" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. | |||||
| CVE-2016-5264 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application. | |||||
| CVE-2016-5258 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session. | |||||
| CVE-2016-5265 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 4.0 MEDIUM | 5.5 MEDIUM |
| Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS (UXSS) attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same local directory. | |||||
| CVE-2016-2837 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 6.8 MEDIUM | 6.3 MEDIUM |
| Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass. | |||||
| CVE-2016-5263 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion." | |||||
| CVE-2016-5259 | 2 Mozilla, Oracle | 2 Firefox, Linux | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop. | |||||
| CVE-2016-2795 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted Graphite smart font. | |||||
| CVE-2016-1957 | 4 Mozilla, Novell, Opensuse and 1 more | 6 Firefox, Thunderbird, Suse Package Hub For Suse Linux Enterprise and 3 more | 2024-10-22 | 4.3 MEDIUM | 4.3 MEDIUM |
| Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array. | |||||
| CVE-2016-1935 | 3 Mozilla, Opensuse, Oracle | 4 Firefox, Leap, Opensuse and 1 more | 2024-10-22 | 9.3 HIGH | 8.8 HIGH |
| Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content. | |||||
| CVE-2016-2798 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | |||||
| CVE-2016-1964 | 4 Mozilla, Opensuse, Oracle and 1 more | 6 Firefox, Thunderbird, Leap and 3 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations. | |||||
| CVE-2016-2802 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font. | |||||
| CVE-2016-1954 | 4 Mozilla, Novell, Opensuse and 1 more | 6 Firefox, Thunderbird, Suse Package Hub For Suse Linux Enterprise and 3 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file. | |||||
| CVE-2016-1950 | 4 Apple, Mozilla, Opensuse and 1 more | 12 Iphone Os, Mac Os X, Tvos and 9 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. | |||||
| CVE-2016-2799 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2024-10-22 | 9.3 HIGH | 8.8 HIGH |
| Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font. | |||||
| CVE-2016-2801 | 5 Mozilla, Opensuse, Oracle and 2 more | 6 Firefox, Leap, Opensuse and 3 more | 2024-10-22 | 6.8 MEDIUM | 8.8 HIGH |
| The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2797. | |||||