Security Advisories for Firefox — Mozilla
Impact key
Critical
Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
High
Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
Moderate
Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
Low
Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)
Fixed in Firefox 150
2026-30
Security Vulnerabilities fixed in Firefox 150
Fixed in Firefox 149.0.2
2026-25
Security Vulnerabilities fixed in Firefox 149.0.2
Fixed in Firefox 149
2026-20
Security Vulnerabilities fixed in Firefox 149
Fixed in Firefox 148.0.2
2026-19
Security Vulnerabilities fixed in Firefox 148.0.2
Fixed in Firefox 148
2026-13
Security Vulnerabilities fixed in Firefox 148
Fixed in Firefox 147.0.4
2026-10
Security Vulnerabilities fixed in Firefox 147.0.4, ESR 140.7.1, and ESR 115.32.1
Fixed in Firefox 147.0.2
2026-06
Security Vulnerabilities fixed in Firefox 147.0.2
Fixed in Firefox 147
2026-01
Security Vulnerabilities fixed in Firefox 147
Fixed in Firefox 146.0.1
2025-98
Security Vulnerabilities fixed in Firefox 146.0.1
Fixed in Firefox 146
2025-92
Security Vulnerabilities fixed in Firefox 146
Fixed in Firefox 145
2025-87
Security Vulnerabilities fixed in Firefox 145
Fixed in Firefox 144.0.2
2025-86
Security Vulnerabilities fixed in Firefox 144.0.2
Fixed in Firefox 144
2025-81
Security Vulnerabilities fixed in Firefox 144
Fixed in Firefox 143.0.3
2025-80
Security Vulnerabilities fixed in Firefox 143.0.3
Fixed in Firefox 143
2025-73
Security Vulnerabilities fixed in Firefox 143
Fixed in Firefox 142
2025-64
Security Vulnerabilities fixed in Firefox 142
Fixed in Firefox 141
2025-56
Security Vulnerabilities fixed in Firefox 141
Fixed in Firefox 140
2025-51
Security Vulnerabilities fixed in Firefox 140
Fixed in Firefox 139.0.4
2025-47
Security Vulnerabilities fixed in Firefox 139.0.4
Fixed in Firefox 139
2025-42
Security Vulnerabilities fixed in Firefox 139
Fixed in Firefox 138.0.4
2025-36
Security Vulnerabilities fixed in Firefox 138.0.4
Fixed in Firefox 138
2025-28
Security Vulnerabilities fixed in Firefox 138
Fixed in Firefox 137.0.2
2025-25
Security vulnerability fixed in Firefox 137.0.2
Fixed in Firefox 137
2025-20
Security Vulnerabilities fixed in Firefox 137
Fixed in Firefox 136.0.4
2025-19
Security Vulnerability fixed in Firefox 136.0.4, Firefox ESR 128.8.1, Firefox ESR 115.21.1
Fixed in Firefox 136
2025-14
Security Vulnerabilities fixed in Firefox 136
Fixed in Firefox 135.0.1
2025-12
Security Vulnerabilities fixed in Firefox 135.0.1
Fixed in Firefox 135
2025-07
Security Vulnerabilities fixed in Firefox 135
Fixed in Firefox 134
2025-01
Security Vulnerabilities fixed in Firefox 134
Fixed in Firefox 133
2024-63
Security Vulnerabilities fixed in Firefox 133
Fixed in Firefox 132
2024-55
Security Vulnerabilities fixed in Firefox 132
Fixed in Firefox 131.0.3
2024-53
Security Vulnerability fixed in Firefox 131.0.3
Fixed in Firefox 131.0.2
2024-51
Security Vulnerability fixed in Firefox 131.0.2, Firefox ESR 128.3.1, Firefox ESR 115.16.1
Fixed in Firefox 131
2024-46
Security Vulnerabilities fixed in Firefox 131
Fixed in Firefox 130
2024-39
Security Vulnerabilities fixed in Firefox 130
Fixed in Firefox 129
2024-33
Security Vulnerabilities fixed in Firefox 129
Fixed in Firefox 128
2024-29
Security Vulnerabilities fixed in Firefox 128
Fixed in Firefox 127
2024-25
Security Vulnerabilities fixed in Firefox 127
Fixed in Firefox 126
2024-21
Security Vulnerabilities fixed in Firefox 126
Fixed in Firefox 125
2024-18
Security Vulnerabilities fixed in Firefox 125
Fixed in Firefox 124.0.1
2024-15
Security Vulnerabilities fixed in Firefox 124.0.1
Fixed in Firefox 124
2024-12
Security Vulnerabilities fixed in Firefox 124
Fixed in Firefox 123
2024-05
Security Vulnerabilities fixed in Firefox 123
Fixed in Firefox 122
2024-01
Security Vulnerabilities fixed in Firefox 122
Fixed in Firefox 121
2023-56
Security Vulnerabilities fixed in Firefox 121
Fixed in Firefox 120
2023-49
Security Vulnerabilities fixed in Firefox 120
Fixed in Firefox 119
2023-45
Security Vulnerabilities fixed in Firefox 119
Fixed in Firefox 118.0.1
2023-44
Security Vulnerability fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox for Android 118.1.0, Firefox Focus for Android 118.1.0, and Thunderbird 115.3.1.
Fixed in Firefox 118
2023-41
Security Vulnerabilities fixed in Firefox 118
Fixed in Firefox 117.0.1
2023-40
Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2
Fixed in Firefox 117
2023-34
Security Vulnerabilities fixed in Firefox 117
Fixed in Firefox 116
2023-29
Security Vulnerabilities fixed in Firefox 116
Fixed in Firefox 115.0.2
2023-26
Security Vulnerabilities fixed in Firefox 115.0.2 and Firefox ESR 115.0.2
Fixed in Firefox 115
2023-22
Security Vulnerabilities fixed in Firefox 115
Fixed in Firefox 114
2023-20
Security Vulnerabilities fixed in Firefox 114
Fixed in Firefox 113
2023-16
Security Vulnerabilities fixed in Firefox 113
Fixed in Firefox 112
2023-13
Security Vulnerabilities fixed in Firefox 112, Firefox for Android 112, Focus for Android 112
Fixed in Firefox 111
2023-09
Security Vulnerabilities fixed in Firefox 111
Fixed in Firefox 110
2023-05
Security Vulnerabilities fixed in Firefox 110
Fixed in Firefox 109
2023-01
Security Vulnerabilities fixed in Firefox 109
Fixed in Firefox 108
2022-51
Security Vulnerabilities fixed in Firefox 108
Fixed in Firefox 107
2022-47
Security Vulnerabilities fixed in Firefox 107
Fixed in Firefox 106
2022-44
Security Vulnerabilities fixed in Firefox 106
Fixed in Firefox 105
2022-40
Security Vulnerabilities fixed in Firefox 105
Fixed in Firefox 104
2022-33
Security Vulnerabilities fixed in Firefox 104
Fixed in Firefox 103
2022-28
Security Vulnerabilities fixed in Firefox 103
Fixed in Firefox 102
2022-24
Security Vulnerabilities fixed in Firefox 102
Fixed in Firefox 101
2022-20
Security Vulnerabilities fixed in Firefox 101
Fixed in Firefox 100.0.2
2022-19
Security Vulnerabilities fixed in Firefox 100.0.2, Firefox for Android 100.3.0, Firefox ESR 91.9.1, Thunderbird 91.9.1
Fixed in Firefox 100
2022-16
Security Vulnerabilities fixed in Firefox 100
Fixed in Firefox 99
2022-13
Security Vulnerabilities fixed in Firefox 99
Fixed in Firefox 98
2022-10
Security Vulnerabilities fixed in Firefox 98
Fixed in Firefox 97.0.2
2022-09
Security Vulnerabilities fixed in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0
Fixed in Firefox 97
2022-04
Security Vulnerabilities fixed in Firefox 97
Fixed in Firefox 96
2022-01
Security Vulnerabilities fixed in Firefox 96
Fixed in Firefox 95
2021-52
Security Vulnerabilities fixed in Firefox 95
Fixed in Firefox 94
2021-48
Security Vulnerabilities fixed in Firefox 94
Fixed in Firefox 93
2021-43
Security Vulnerabilities fixed in Firefox 93
Fixed in Firefox 92
2021-38
Security Vulnerabilities fixed in Firefox 92
Fixed in Firefox 91.0.1
2021-37
Security Vulnerabilities fixed in Firefox 91.0.1 and Thunderbird 91.0.1
Fixed in Firefox 91
2021-33
Security Vulnerabilities fixed in Firefox 91
Fixed in Firefox 90
2021-28
Security Vulnerabilities fixed in Firefox 90
Fixed in Firefox 89.0.1
2021-27
Security Vulnerabilities fixed in Firefox 89.0.1
Fixed in Firefox 89
2021-23
Security Vulnerabilities fixed in Firefox 89
Fixed in Firefox 88.0.1
2021-20
Security Vulnerabilities fixed in Firefox 88.0.1, Firefox for Android 88.1.3
Fixed in Firefox 88
2021-16
Security Vulnerabilities fixed in Firefox 88
Fixed in Firefox 87
2021-10
Security Vulnerabilities fixed in Firefox 87
Fixed in Firefox 86
2021-07
Security Vulnerabilities fixed in Firefox 86
Fixed in Firefox 85.0.1
2021-06
Security Vulnerabilities fixed in Firefox 85.0.1 and Firefox ESR 78.7.1
Fixed in Firefox 85
2021-03
Security Vulnerabilities fixed in Firefox 85
Fixed in Firefox 84.0.2
2021-01
Security Vulnerabilities fixed in Firefox 84.0.2, Firefox for Android 84.1.3, and Firefox ESR 78.6.1
Fixed in Firefox 84
2020-54
Security Vulnerabilities fixed in Firefox 84
Fixed in Firefox 83
2020-50
Security Vulnerabilities fixed in Firefox 83
Fixed in Firefox 82.0.3
2020-49
Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2
Fixed in Firefox 82
2020-45
Security Vulnerabilities fixed in Firefox 82
Fixed in Firefox 81
2020-42
Security Vulnerabilities fixed in Firefox 81
Fixed in Firefox 80
2020-36
Security Vulnerabilities fixed in Firefox 80
Fixed in Firefox 79
2020-30
Security Vulnerabilities fixed in Firefox 79
Fixed in Firefox 78.0.2
2020-28
Security Vulnerabilities fixed in Firefox 78.0.2
Fixed in Firefox 78
2020-24
Security Vulnerabilities fixed in Firefox 78
Fixed in Firefox 77
2020-20
Security Vulnerabilities fixed in Firefox 77
Fixed in Firefox 76
2020-16
Security Vulnerabilities fixed in Firefox 76
Fixed in Firefox 75
2020-12
Security Vulnerabilities fixed in Firefox 75
Fixed in Firefox 74.0.1
2020-11
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1
Fixed in Firefox 74
2020-08
Security Vulnerabilities fixed in Firefox 74
Fixed in Firefox 73
2020-05
Security Vulnerabilities fixed in Firefox 73
Fixed in Firefox 72.0.1
2020-03
Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1
Fixed in Firefox 72
2020-01
Security Vulnerabilities fixed in Firefox 72
Fixed in Firefox 71
2019-36
Security Vulnerabilities fixed in Firefox 71
Fixed in Firefox 70
2019-34
Security vulnerabilities fixed in Firefox 70
Fixed in Firefox 69.0.1
2019-31
Security vulnerabilities fixed in Firefox 69.0.1
Fixed in Firefox 69
2019-25
Security vulnerabilities fixed in Firefox 69
Fixed in Firefox 68.10.1
2020-27
Security Vulnerabilities fixed in Firefox for Android 68.10.1
Fixed in Firefox 68.0.2
2019-24
Stored passwords in 'Saved Logins' can be copied without master password entry
Fixed in Firefox 68
2019-21
Security vulnerabilities fixed in Firefox 68
Fixed in Firefox 67.0.4
2019-19
Security vulnerabilities fixed in Firefox 67.0.4 and Firefox ESR 60.7.2
Fixed in Firefox 67.0.3
2019-18
Security vulnerabilities fixed in Firefox 67.0.3 and Firefox ESR 60.7.1
Fixed in Firefox 67.0.2
2019-16
Security vulnerabilities fixed in Firefox 67.0.2
Fixed in Firefox 67
2019-13
Security vulnerabilities fixed in Firefox 67
Fixed in Firefox 66.0.1
2019-09
Security vulnerabilities fixed in Firefox 66.0.1
Fixed in Firefox 66
2019-07
Security vulnerabilities fixed in Firefox 66
Fixed in Firefox 65.0.1
2019-04
Security vulnerabilities fixed in Firefox 65.0.1
Fixed in Firefox 65
2019-01
Security vulnerabilities fixed in Firefox 65
Fixed in Firefox 64
2018-29
Security vulnerabilities fixed in Firefox 64
Fixed in Firefox 63
2018-26
Security vulnerabilities fixed in Firefox 63
Fixed in Firefox 62.0.3
2018-24
Security vulnerabilities fixed in Firefox 62.0.3 and Firefox ESR 60.2.2
Fixed in Firefox 62.0.2
2018-22
Security vulnerabilities fixed in Firefox 62.0.2
Fixed in Firefox 62
2018-20
Security vulnerabilities fixed in Firefox 62
Fixed in Firefox 61
2018-15
Security vulnerabilities fixed in Firefox 61
Fixed in Firefox 60.0.2
2018-14
Security vulnerabilities fixed in Firefox 60.0.2, ESR 60.0.2, and ESR 52.8.1
Fixed in Firefox 60
2018-11
Security vulnerabilities fixed in Firefox 60
Fixed in Firefox 59.0.2
2018-10
Use-after-free in compositor
Fixed in Firefox 59.0.1
2018-08
Out of bounds memory write while processing Vorbis audio data
Fixed in Firefox 59
2018-06
Security vulnerabilities fixed in Firefox 59
Fixed in Firefox 58.0.1
2018-05
Arbitrary code execution through unsanitized browser UI
Fixed in Firefox 58
2018-02
Security vulnerabilities fixed in Firefox 58
Fixed in Firefox 57.0.4
2018-01
Speculative execution side-channel attack ("Spectre")
Fixed in Firefox 57.0.2
2017-29
Security vulnerabilities fixed in Firefox 57.0.2
Fixed in Firefox 57.0.1
2017-27
Security vulnerabilities fixed in Firefox 57.0.1
Fixed in Firefox 57
2017-24
Security vulnerabilities fixed in Firefox 57
Fixed in Firefox 56
2017-21
Security vulnerabilities fixed in Firefox 56
Fixed in Firefox 55
2017-18
Security vulnerabilities fixed in Firefox 55
Fixed in Firefox 54
2017-15
Security vulnerabilities fixed in Firefox 54
Fixed in Firefox 53.0.2
2017-14
Use after free in ANGLE
Fixed in Firefox 53
2017-10
Security vulnerabilities fixed in Firefox 53
Fixed in Firefox 52.0.1
2017-08
integer overflow in createImageBitmap()
Fixed in Firefox 52
2017-05
Security vulnerabilities fixed in Firefox 52
Fixed in Firefox 51.0.3
2017-04
Security vulnerabilities fixed in Firefox 51.0.3
Fixed in Firefox 51
2017-01
Security vulnerabilities fixed in Firefox 51
Fixed in Firefox 50.1
2016-94
Security vulnerabilities fixed in Firefox 50.1
Fixed in Firefox 50.0.2
2016-92
Firefox SVG Animation Remote Code Execution
Fixed in Firefox 50.0.1
2016-91
Security vulnerabilities fixed in Firefox 50.0.1
Fixed in Firefox 50
2016-89
Security vulnerabilities fixed in Firefox 50
Fixed in Firefox 49.0.2
2016-87
Security vulnerabilities fixed in Firefox 49.0.2
Fixed in Firefox 49
2016-85
Security vulnerabilities fixed in Firefox 49
Fixed in Firefox 48
2016-84
Information disclosure through Resource Timing API during page navigation
2016-83
Spoofing attack through text injection into internal error pages
2016-82
Addressbar spoofing with right-to-left characters on Firefox for Android
2016-81
Information disclosure and local file manipulation through drag and drop
2016-80
Same-origin policy violation using local HTML file and saved shortcut file
2016-79
Use-after-free when applying SVG effects
2016-78
Type confusion in display transformation
2016-77
Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback
2016-76
Scripts on marquee tag can execute in sandboxed iframes
2016-75
Integer overflow in WebSockets during data buffering
2016-74
Form input type change from password to text can store plain text password in session restore file
2016-73
Use-after-free in service workers with nested sync events
2016-72
Use-after-free in DTLS during WebRTC session shutdown
2016-71
Crash in incremental garbage collection in JavaScript
2016-70
Use-after-free when using alt key and toplevel menus
2016-69
Arbitrary file manipulation by local user through Mozilla updater and callback application path parameter
2016-68
Out-of-bounds read during XML parsing in Expat library
2016-67
Stack underflow during 2D graphics rendering
2016-66
Location bar spoofing via data URLs with malformed/invalid mediatypes
2016-65
Cairo rendering crash due to memory allocation issue with FFmpeg 0.10
2016-64
Buffer overflow rendering SVG with bidirectional content
2016-63
Favicon network connection can persist when page is closed
2016-62
Miscellaneous memory safety hazards (rv:48.0 / rv:45.3)
Fixed in Firefox 47
2016-61
Network Security Services (NSS) vulnerabilities
2016-60
Java applets bypass CSP protections
2016-59
Information disclosure of disabled plugins through CSS pseudo-classes
2016-58
Entering fullscreen and persistent pointerlock without user permission
2016-57
Incorrect icon displayed on permissions notifications
2016-56
Use-after-free when textures are used in WebGL operations after recycle pool destruction
2016-55
File overwrite and privilege escalation through Mozilla Windows updater
2016-54
Partial same-origin-policy through setting location.host through data URI
2016-53
Out-of-bounds write with WebGL shader
2016-52
Addressbar spoofing though the SELECT element
2016-51
Use-after-free deleting tables from a contenteditable document
2016-50
Buffer overflow parsing HTML5 fragments
2016-49
Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
Fixed in Firefox 46
2016-48
Firefox Health Reports could accept events from untrusted domains
2016-47
Write to invalid HashMap entry through JavaScript.watch()
2016-46
Elevation of privilege with chrome.tabs.update API in web extensions
2016-45
CSP not applied to pages sent with multipart/x-mixed-replace
2016-44
Buffer overflow in libstagefright with CENC offsets
2016-43
Disclosure of user actions through JavaScript with motion and orientation sensors
2016-42
Use-after-free and buffer overflow in Service Workers
2016-41
Content provider permission bypass allows malicious application to access data
2016-40
Privilege escalation through file deletion by Maintenance Service updater
2016-39
Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
Fixed in Firefox 45
2016-38
Out-of-bounds write with malicious font in Graphite 2
2016-37
Font vulnerabilities in the Graphite 2 library
2016-36
Use-after-free during processing of DER encoded keys in NSS
2016-35
Buffer overflow during ASN.1 decoding in NSS
2016-34
Out-of-bounds read in HTML parser following a failed allocation
2016-33
Use-after-free in GetStaticInstance in WebRTC
2016-32
WebRTC and LibVPX vulnerabilities found through code inspection
2016-31
Memory corruption with malicious NPAPI plugin
2016-30
Buffer overflow in Brotli decompression
2016-29
Same-origin policy violation using performance.getEntries and history navigation with session restore
2016-28
Addressbar spoofing though history navigation and Location protocol property
2016-27
Use-after-free during XML transformations
2016-26
Memory corruption when modifying a file being read by FileReader
2016-25
Use-after-free when using multiple WebRTC data channels
2016-24
Use-after-free in SetBody
2016-23
Use-after-free in HTML5 string parser
2016-22
Service Worker Manager out-of-bounds read in Service Worker Manager
2016-21
Displayed page address can be overridden
2016-20
Memory leak in libstagefright when deleting an array during MP4 processing
2016-19
Linux video memory DOS with Intel drivers
2016-18
CSP reports fail to strip location information for embedded iframe pages
2016-17
Local file overwriting and potential privilege escalation through CSP reports
2016-16
Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
Fixed in Firefox 44.0.2
2016-13
Same-origin-policy violation using Service Workers with plugins
Fixed in Firefox 44
2016-15
Use-after-free in NSS during SSL connections in low memory
2016-12
Lightweight themes on Firefox for Android do not verify a secure connection
2016-11
Application Reputation service disabled in Firefox 43
2016-10
Unsafe memory manipulation found through code inspection
2016-09
Addressbar spoofing attacks
2016-08
Delay following click events in file download dialog too short on OS X
2016-07
Errors in mp_div and mp_exptmod cryptographic functions in NSS
2016-06
Missing delay following user click events in protocol handler dialog
2016-05
Addressbar spoofing through stored data url shortcuts on Firefox for Android
2016-04
Firefox allows for control characters to be set in cookie names
2016-03
Buffer overflow in WebGL after out of memory allocation
2016-02
Out of Memory crash when parsing GIF format images
2016-01
Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
Fixed in Firefox 43.0.2
2015-150
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature
Fixed in Firefox 43
2015-149
Cross-site reading attack through data and view-source URIs
2015-148
Privilege escalation vulnerabilities in WebExtension APIs
2015-147
Integer underflow and buffer overflow processing MP4 metadata in libstagefright
2015-146
Integer overflow in MP4 playback in 64-bit versions
2015-145
Underflow through code inspection
2015-144
Buffer overflows found through code inspection
2015-143
Linux file chooser crashes on malformed images due to flaws in Jasper library
2015-142
DOS due to malformed frames in HTTP/2
2015-141
Hash in data URI is incorrectly parsed
2015-140
Cross-origin information leak through web workers error events
2015-139
Integer overflow allocating extremely large textures
2015-138
Use-after-free in WebRTC when datachannel is used after being destroyed
2015-137
Firefox allows for control characters to be set in cookies
2015-136
Same-origin policy violation using performance.getEntries and history navigation
2015-135
Crash with JavaScript variable assignment with unboxed objects
2015-134
Miscellaneous memory safety hazards (rv:43.0 / rv:38.5)
Fixed in Firefox 42
2015-133
NSS and NSPR memory corruption issues
2015-132
Mixed content WebSocket policy bypass through workers
2015-131
Vulnerabilities found through code inspection
2015-130
JavaScript garbage collection crash with Java applet
2015-129
Certain escaped characters in host of Location-header are being treated as non-escaped
2015-128
Memory corruption in libjar through zip files
2015-127
CORS preflight is bypassed when non-standard Content-Type headers are received
2015-126
Crash when accessing HTML tables with accessibility tools on OS X
2015-125
XSS attack through intents on Firefox for Android
2015-124
Android intents can be used on Firefox for Android to open privileged files
2015-123
Buffer overflow during image interactions in canvas
2015-122
Trailing whitespace in IP address hostnames can bypass same-origin policy
2015-121
Disabling scripts in Add-on SDK panels has no effect
2015-120
Reading sensitive profile files through local HTML file on Android
2015-119
Firefox for Android addressbar can be removed after fullscreen mode
2015-118
CSP bypass due to permissive Reader mode whitelist
2015-117
Information disclosure through NTLM authentication
2015-116
Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)
Fixed in Firefox 41.0.2
2015-115
Cross-origin restriction bypass using Fetch
Fixed in Firefox 41
2015-114
Information disclosure via the High Resolution Time API
2015-113
Memory safety errors in libGLES in the ANGLE graphics library
2015-112
Vulnerabilities found through code inspection
2015-111
Errors in the handling of CORS preflight request headers
2015-110
Dragging and dropping images exposes final URL after redirects
2015-109
JavaScript immutable property enforcement can be bypassed
2015-108
Scripted proxies can access inner window
2015-107
Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems
2015-106
Use-after-free while manipulating HTML media content
2015-105
Buffer overflow while decoding WebM video
2015-104
Use-after-free with shared workers and IndexedDB
2015-103
URL spoofing in reader mode
2015-102
Crash when using debugger with SavedStacks in JavaScript
2015-101
Buffer overflow in libvpx while parsing vp9 format video
2015-100
Arbitrary file manipulation by local user through Mozilla updater
2015-99
Site attribute spoofing on Android by pasting URL with unknown scheme
2015-98
Out of bounds read in QCMS library with ICC V4 profile attributes
2015-97
Memory leak in mozTCPSocket to servers
2015-96
Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
Fixed in Firefox 40.0.3
2015-95
Add-on notification bypass through data URLs
2015-94
Use-after-free when resizing canvas element during restyling
Fixed in Firefox 40
2015-92
Use-after-free in XMLHttpRequest with shared workers
2015-91
Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification
2015-90
Vulnerabilities found through code inspection
2015-89
Buffer overflows on Libvpx when decoding WebM video
2015-88
Heap overflow in gdk-pixbuf when scaling bitmap images
2015-87
Crash when using shared memory in JavaScript
2015-86
Feed protocol with POST bypasses mixed content protections
2015-85
Out-of-bounds write with Updater and malicious MAR file
2015-84
Arbitrary file overwriting through Mozilla Maintenance Service with hard links
2015-83
Overflow issues in libstagefright
2015-82
Redefinition of non-configurable JavaScript object properties
2015-81
Use-after-free in MediaStream playback
2015-80
Out-of-bounds read with malformed MP3 file
2015-79
Miscellaneous memory safety hazards (rv:40.0 / rv:38.2)
Fixed in Firefox 39.0.3
2015-78
Same origin violation and local file stealing via PDF reader
Fixed in Firefox 39
2015-71
NSS incorrectly permits skipping of ServerKeyExchange
2015-70
NSS accepts export-length DHE keys with regular DHE cipher suites
2015-69
Privilege escalation through internal workers
2015-68
OS X crash reports may contain entered key press information
2015-67
Key pinning is ignored when overridable errors are encountered
2015-66
Vulnerabilities found through code inspection
2015-65
Use-after-free in workers while using XMLHttpRequest
2015-64
ECDSA signature validation fails to handle some signatures correctly
2015-63
Use-after-free in Content Policy due to microtask execution error
2015-62
Out-of-bound read while computing an oscillator rendering range in Web Audio
2015-61
Type confusion in Indexed Database Manager
2015-60
Local files or privileged URLs in pages can be opened into new tabs
2015-59
Miscellaneous memory safety hazards (rv:39.0 / rv:31.8 / rv:38.1)
Fixed in Firefox 38
2015-93
Integer overflows in libstagefright while processing MP4 video metadata
2015-58
Mozilla Windows updater can be run outside of application directory
2015-57
Privilege escalation through IPC channel messages
2015-56
Untrusted site hosting trusted page can intercept webchannel responses
2015-55
Buffer overflow and out-of-bounds read while parsing MP4 video metadata
2015-54
Buffer overflow when parsing compressed XML
2015-53
Use-after-free due to Media Decoder Thread creation during shutdown
2015-52
Sensitive URL encoded information written to Android logcat
2015-51
Use-after-free during text processing with vertical text enabled
2015-50
Out-of-bounds read and write in asm.js validation
2015-49
Referrer policy ignored when links opened by middle-click and context menu
2015-48
Buffer overflow with SVG content and CSS
2015-47
Buffer overflow parsing H.264 video with Linux Gstreamer
2015-46
Miscellaneous memory safety hazards (rv:38.0 / rv:31.7)
Fixed in Firefox 37.0.2
2015-45
Memory corruption during failed plugin initialization
Fixed in Firefox 37.0.1
2015-44
Certificate verification bypass through the HTTP/2 Alt-Svc header
2015-43
Loading privileged content through Reader mode
Fixed in Firefox 37
2015-42
Windows can retain access to privileged content on navigation to unprivileged pages
2015-41
PRNG weakness allows for DNS poisoning on Android
2015-40
Same-origin bypass through anchor navigation
2015-39
Use-after-free due to type confusion flaws
2015-38
Memory corruption crashes in Off Main Thread Compositing
2015-37
CORS requests should not follow 30x redirections after preflight
2015-36
Incorrect memory management for simple-type arrays in WebRTC
2015-35
Cursor clickjacking with flash and images
2015-34
Out of bounds read in QCMS library
2015-33
resource:// documents can load privileged pages
2015-32
Add-on lightweight theme installation approval bypassed through MITM attack
2015-31
Use-after-free when using the Fluendo MP3 GStreamer plugin
2015-30
Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
Fixed in Firefox 36.0.4
2015-28
Privilege escalation through SVG navigation
Fixed in Firefox 36.0.3
2015-29
Code execution through incorrect JavaScript bounds checking elimination
Fixed in Firefox 36
2015-27
Caja Compiler JavaScript sandbox bypass
2015-26
UI Tour whitelisted sites in background tab can spoof foreground tabs
2015-25
Local files or privileged URLs in pages can be opened into new tabs
2015-24
Reading of local files through manipulation of form autocomplete
2015-23
Use-after-free in Developer Console date with OpenType Sanitiser
2015-22
Crash using DrawTarget in Cairo graphics library
2015-21
Buffer underflow during MP3 playback
2015-20
Buffer overflow during CSS restyling
2015-19
Out-of-bounds read and write while rendering SVG content
2015-18
Double-free when using non-default memory allocators with a zero-length XHR
2015-17
Buffer overflow in libstagefright during MP4 video playback
2015-16
Use-after-free in IndexedDB
2015-15
TLS TURN and STUN connections silently fail to simple TCP connections
2015-14
Malicious WebGL content crash when writing strings
2015-13
Appended period to hostnames can bypass HPKP and HSTS protections
2015-12
Invoking Mozilla updater will load locally stored DLL files
2015-11
Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)
Fixed in Firefox 35
2015-10
Update OpenH264 plugin to version 1.3
2015-09
XrayWrapper bypass through DOM objects
2015-08
Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension
2015-07
Gecko Media Plugin sandbox escape
2015-06
Read-after-free in WebRTC
2015-05
Read of uninitialized memory in Web Audio
2015-04
Cookie injection through Proxy Authenticate responses
2015-03
sendBeacon requests lack an Origin header
2015-02
Uninitialized memory use during bitmap rendering
2015-01
Miscellaneous memory safety hazards (rv:35.0 / rv:31.4)
Fixed in Firefox 34
2015-10
Update OpenH264 plugin to version 1.3
2014-91
Privileged access to security wrapped protected objects
2014-90
Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
2014-89
Bad casting from the BasicThebesLayer to BasicContainerLayer
2014-88
Buffer overflow while parsing media content
2014-87
Use-after-free during HTML5 parsing
2014-86
CSP leaks redirect data via violation reports
2014-85
XMLHttpRequest crashes with some input streams
2014-84
XBL bindings accessible via improper CSS declarations
2014-83
Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Fixed in Firefox 33
2014-82
Accessing cross-origin objects via the Alarms API
2014-81
Inconsistent video sharing within iframe
2014-80
Key pinning bypasses
2014-79
Use-after-free interacting with text directionality
2014-78
Further uninitialized memory use during GIF rendering
2014-77
Out-of-bounds write with WebM video
2014-76
Web Audio memory corruption issues with custom waveforms
2014-75
Buffer overflow during CSS manipulation
2014-74
Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Fixed in Firefox 32.0.3
2014-73
RSA Signature Forgery in NSS
Fixed in Firefox 32
2014-72
Use-after-free setting text directionality
2014-71
Profile directory file access through file: protocol
2014-70
Out-of-bounds read in Web Audio audio timeline
2014-69
Uninitialized memory use during GIF rendering
2014-68
Use-after-free during DOM interactions with SVG
2014-67
Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Fixed in Firefox 31.1
2014-71
Profile directory file access through file: protocol
Fixed in Firefox 31
2014-66
IFRAME sandbox same-origin access through redirect
2014-65
Certificate parsing broken by non-standard character encoding
2014-64
Crash in Skia library when scaling high quality images
2014-63
Use-after-free while when manipulating certificates in the trusted cache
2014-62
Exploitable WebGL crash with Cesium JavaScript library
2014-61
Use-after-free with FireOnStateChange event
2014-60
Toolbar dialog customization event spoofing
2014-59
Use-after-free in DirectWrite font handling
2014-58
Use-after-free in Web Audio due to incorrect control message ordering
2014-57
Buffer overflow during Web Audio buffering for playback
2014-56
Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Fixed in Firefox 30
2014-54
Buffer overflow in Gamepad API
2014-53
Buffer overflow in Web Audio Speex resampler
2014-52
Use-after-free with SMIL Animation Controller
2014-51
Use-after-free in Event Listener Manager
2014-50
Clickjacking through cursor invisibility after Flash interaction
2014-49
Use-after-free and out of bounds issues found using Address Sanitizer
2014-48
Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Fixed in Firefox 29
2014-47
Debugger can bypass XrayWrappers with JavaScript
2014-46
Use-after-free in nsHostResolver
2014-45
Incorrect IDNA domain name matching for wildcard certificates
2014-44
Use-after-free in imgLoader while resizing images
2014-43
Cross-site scripting (XSS) using history navigations
2014-42
Privilege escalation through Web Notification API
2014-41
Out-of-bounds write in Cairo
2014-40
Firefox for Android addressbar suppression
2014-39
Use-after-free in the Text Track Manager for HTML video
2014-38
Buffer overflow when using non-XBL object as XBL
2014-37
Out of bounds read while decoding JPG images
2014-36
Web Audio memory corruption issues
2014-35
Privilege escalation through Mozilla Maintenance Service Installer
2014-34
Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Fixed in Firefox 28.0.1
2014-33
File: protocol links downloaded to SD card by default
Fixed in Firefox 28
2014-32
Out-of-bounds write through TypedArrayObject after neutering
2014-31
Out-of-bounds read/write through neutering ArrayBuffer objects
2014-30
Use-after-free in TypeObject
2014-29
Privilege escalation using WebIDL-implemented APIs
2014-28
SVG filters information disclosure through feDisplacementMap
2014-27
Memory corruption in Cairo during PDF font rendering
2014-26
Information disclosure through polygon rendering in MathML
2014-24
Android Crash Reporter open to manipulation
2014-23
Content Security Policy for data: documents not preserved by session restore
2014-22
WebGL content injection from one domain to rendering in another
2014-21
Local file access via Open Link in new tab
2014-20
onbeforeunload and Javascript navigation DOS
2014-19
Spoofing attack on WebRTC permission prompt
2014-18
crypto.generateCRMFRequest does not validate type of key
2014-17
Out of bounds read during WAV file decoding
2014-16
Files extracted during updates are not always read only
2014-15
Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Fixed in Firefox 27
2014-13
Inconsistent JavaScript handling of access to Window objects
2014-12
NSS ticket handling issues
2014-11
Crash when using web workers with asm.js
2014-10
Firefox default start page UI content invocable by script
2014-09
Cross-origin information leak through web workers
2014-08
Use-after-free with imgRequestProxy and image processing
2014-07
XSLT stylesheets treated as styles in Content Security Policy
2014-06
Profile path leaks to Android system log
2014-05
Information disclosure with *FromPoint on iframes
2014-04
Incorrect use of discarded images by RasterImage
2014-03
UI selection timeout missing on download prompts
2014-02
Clone protected content with XBL scopes
2014-01
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Fixed in Firefox 26
2013-117
Mis-issued ANSSI/DCSSI certificate
2013-116
JPEG information leak
2013-115
GetElementIC typed array stubs can be generated outside observed typesets
2013-114
Use-after-free in synthetic mouse movement
2013-113
Trust settings for built-in roots ignored during EV certificate validation
2013-112
Linux clipboard information disclosure through selection paste
2013-111
Segmentation violation when replacing ordered list elements
2013-110
Potential overflow in JavaScript binary search algorithms
2013-109
Use-after-free during Table Editing
2013-108
Use-after-free in event listeners
2013-107
Sandbox restrictions not applied to nested object elements
2013-106
Character encoding cross-origin XSS attack
2013-105
Application Installation doorhanger persists on navigation
2013-104
Miscellaneous memory safety hazards (rv:26.0 / rv:24.2)
Fixed in Firefox 25.0.1
2013-103
Miscellaneous Network Security Services (NSS) vulnerabilities
Fixed in Firefox 25
2013-102
Use-after-free in HTML document templates
2013-101
Memory corruption in workers
2013-100
Miscellaneous use-after-free issues found through ASAN fuzzing
2013-99
Security bypass of PDF.js checks using iframes
2013-98
Use-after-free when updating offline cache
2013-97
Writing to cycle collected object during image decoding
2013-96
Improperly initialized memory and overflows in some JavaScript functions
2013-95
Access violation with XSLT and uninitialized data
2013-94
Spoofing addressbar through SELECT element
2013-93
Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)
Fixed in Firefox 24
2013-92
GC hazard with default compartments and frame chain restoration
2013-91
User-defined properties on DOM proxies get the wrong "this" object
2013-90
Memory corruption involving scrolling
2013-89
Buffer overflow with multi-column, lists, and floats
2013-88
Compartment mismatch re-attaching XBL-backed nodes
2013-87
Shared object library loading from writable location
2013-86
WebGL Information disclosure through OS X NVIDIA graphic drivers
2013-85
Uninitialized data in IonMonkey
2013-84
Same-origin bypass through symbolic links
2013-83
Mozilla Updater does not lock MAR file after signature verification
2013-82
Calling scope for new Javascript objects can lead to memory corruption
2013-81
Use-after-free with select element
2013-80
NativeKey continues handling key messages after widget is destroyed
2013-79
Use-after-free in Animation Manager during stylesheet cloning
2013-78
Integer overflow in ANGLE library
2013-77
Improper state in HTML5 Tree Builder with templates
2013-76
Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
Fixed in Firefox 23
2013-75
Local Java applets may read contents of local file system
2013-74
Firefox full and stub installer DLL hijacking
2013-73
Same-origin bypass with web workers and XMLHttpRequest
2013-72
Wrong principal used for validating URI for some Javascript components
2013-71
Further Privilege escalation through Mozilla Updater
2013-70
Bypass of XrayWrappers using XBL Scopes
2013-69
CRMF requests allow for code execution and XSS attacks
2013-68
Document URI misrepresentation and masquerading
2013-67
Crash during WAV audio file decoding
2013-66
Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
2013-65
Buffer underflow when generating CRMF requests
2013-64
Use after free mutating DOM during SetBody
2013-63
Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
Fixed in Firefox 22
2013-62
Inaccessible updater can lead to local privilege escalation
2013-61
Homograph domain spoofing in .com, .net and .name
2013-60
getUserMedia permission dialog incorrectly displays location
2013-59
XrayWrappers can be bypassed to run user defined methods in a privileged context
2013-58
X-Frame-Options ignored when using server push with multi-part responses
2013-57
Sandbox restrictions not applied to nested frame elements
2013-56
PreserveWrapper has inconsistent behavior
2013-55
SVG filters can lead to information disclosure
2013-54
Data in the body of XHR HEAD requests leads to CSRF attacks
2013-53
Execution of unmapped memory through onreadystatechange event
2013-52
Arbitrary code execution within Profiler
2013-51
Privileged content access and execution via XBL
2013-50
Memory corruption found using Address Sanitizer
2013-49
Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
Fixed in Firefox 21
2013-48
Memory corruption found using Address Sanitizer
2013-47
Uninitialized functions in DOMSVGZoomEvent
2013-46
Use-after-free with video and onresize event
2013-45
Mozilla Updater fails to update some Windows Registry entries
2013-44
Local privilege escalation through Mozilla Maintenance Service
2013-43
File input control has access to full path
2013-42
Privileged access for content level constructor
2013-41
Miscellaneous memory safety hazards (rv:21.0 / rv:17.0.6)
Fixed in Firefox 20
2013-40
Out-of-bounds array read in CERT_DecodeCertPackage
2013-39
Memory corruption while rendering grayscale PNG images
2013-38
Cross-site scripting (XSS) using timed history navigations
2013-37
Bypass of tab-modal dialog origin disclosure
2013-36
Bypass of SOW protections allows cloning of protected nodes
2013-35
WebGL crash with Mesa graphics driver on Linux
2013-34
Privilege escalation through Mozilla Updater
2013-33
World read and write access to app_tmp directory on Android
2013-32
Privilege escalation through Mozilla Maintenance Service
2013-31
Out-of-bounds write in Cairo library
2013-30
Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
Fixed in Firefox 19.0.2
2013-29
Use-after-free in HTML Editor
Fixed in Firefox 19
2013-28
Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer
2013-27
Phishing on HTTPS connection through malicious proxy
2013-26
Use-after-free in nsImageLoadingContent
2013-25
Privacy leak in JavaScript Workers
2013-24
Web content bypass of COW and SOW security wrappers
2013-23
Wrapped WebIDL objects can be wrapped again
2013-22
Out-of-bounds read in image rendering
2013-21
Miscellaneous memory safety hazards (rv:19.0 / rv:17.0.3)
Fixed in Firefox 18
2013-20
Mis-issued TURKTRUST certificates
2013-19
Use-after-free in Javascript Proxy objects
2013-18
Use-after-free in Vibrate
2013-17
Use-after-free in ListenerManager
2013-16
Use-after-free in serializeToStream
2013-15
Privilege escalation through plugin objects
2013-14
Chrome Object Wrapper (COW) bypass through changing prototype
2013-13
Memory corruption in XBL with XML bindings containing SVG
2013-12
Buffer overflow in Javascript string concatenation
2013-11
Address space layout leaked in XBL objects
2013-10
Event manipulation in plugin handler to bypass same-origin policy
2013-09
Compartment mismatch with quickstubs returned values
2013-08
AutoWrapperChanger fails to keep objects alive during garbage collection
2013-07
Crash due to handling of SSL on threads
2013-06
Touch events are shared across iframes
2013-05
Use-after-free when displaying table with many columns and column groups
2013-04
URL spoofing in addressbar during page loads
2013-03
Buffer Overflow in Canvas
2013-02
Use-after-free and buffer overflow issues found using Address Sanitizer
2013-01
Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2)
2012-98
Firefox installer DLL hijacking
Fixed in Firefox 17.0.9
2013-65
Buffer underflow when generating CRMF requests
Fixed in Firefox 17
2012-106
Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer
2012-105
Use-after-free and buffer overflow issues found using Address Sanitizer
2012-104
CSS and HTML injection through Style Inspector
2012-103
Frames can shadow top.location
2012-102
Script entered into Developer Toolbar runs with chrome privileges
2012-101
Improper character decoding in HZ-GB-2312 charset
2012-100
Improper security filtering for cross-origin wrappers
2012-99
XrayWrappers exposes chrome-only properties when not in chrome compartment
2012-98
Firefox installer DLL hijacking
2012-97
XMLHttpRequest inherits incorrect principal within sandbox
2012-96
Memory corruption in str_unescape
2012-95
Javascript: URLs run in privileged context on New Tab page
2012-94
Crash when combining SVG text on path with CSS
2012-93
evalInSandbox location context incorrectly applied
2012-92
Buffer overflow while rendering GIF images
2012-91
Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)
Fixed in Firefox 16.0.2
2012-90
Fixes for Location object issues
Fixed in Firefox 16.0.1
2012-89
defaultValue security checks not applied
2012-88
Miscellaneous memory safety hazards (rv:16.0.1)
Fixed in Firefox 16
2012-87
Use-after-free in the IME State Manager
2012-86
Heap memory corruption issues found using Address Sanitizer
2012-85
Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer
2012-84
Spoofing and script injection through location.hash
2012-83
Chrome Object Wrapper (COW) does not disallow access to privileged functions or properties
2012-82
top object and location property accessible by plugins
2012-81
GetProperty function can bypass security checks
2012-80
Crash with invalid cast when using instanceof operator
2012-79
DOS and crash with full screen and history navigation
2012-78
Reader Mode pages have chrome privileges
2012-77
Some DOMWindowUtils methods bypass security checks
2012-76
Continued access to initial origin after setting document.domain
2012-75
select element persistence allows for attacks
2012-74
Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)
Fixed in Firefox 15
2012-73
SPDY information disclosure
2012-72
Web console eval capable of executing chrome-privileged code
2012-71
Insecure use of __android_log_print
2012-70
Location object security checks bypassed by chrome code
2012-69
Incorrect site SSL certificate data display
2012-68
DOMParser loads linked resources in extensions when parsing text/html
2012-67
Installer will launch incorrect executable following new installation
2012-66
HTTPMonitor extension allows for remote debugging without explicit activation
2012-65
Out-of-bounds read in format-number in XSLT
2012-64
Graphite 2 memory corruption
2012-63
SVG buffer overflow and use-after-free issues
2012-62
WebGL use-after-free and memory corruption
2012-61
Memory corruption with bitmap format images with negative height
2012-60
Escalation of privilege through about:newtab
2012-59
Location object can be shadowed using Object.defineProperty
2012-58
Use-after-free issues found using Address Sanitizer
2012-57
Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)
Fixed in Firefox 14
2012-56
Code execution through javascript: URLs
2012-55
feed: URLs with an innerURI inherit security context of page
2012-53
Content Security Policy 1.0 implementation errors cause data leakage
2012-52
JSDependentString::undepend string conversion results in memory corruption
2012-51
X-Frame-Options header ignored when duplicated
2012-50
Out of bounds read in QCMS
2012-49
Same-compartment Security Wrappers can be bypassed
2012-48
use-after-free in nsGlobalWindow::PageHidden
2012-47
Improper filtering of javascript in HTML feed-view
2012-46
XSS through data: URLs
2012-45
Spoofing issue with location
2012-44
Gecko memory corruption
2012-43
Incorrect URL displayed in addressbar through drag and drop
2012-42
Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)
Fixed in Firefox 13
2012-54
Clickjacking of certificate warning page
2012-40
Buffer overflow and use-after-free issues found using Address Sanitizer
2012-39
NSS parsing errors with zero length items
2012-38
Use-after-free while replacing/inserting a node in a document
2012-37
Information disclosure through Windows file shares and shortcut files
2012-36
Content Security Policy inline-script bypass
2012-35
Privilege escalation through Mozilla Updater and Windows Updater Service
2012-34
Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5)
Fixed in Firefox 12
2012-33
Potential site identity spoofing when loading RSS and Atom feeds
2012-32
HTTP Redirections and remote content can be read by javascript errors
2012-31
Off-by-one error in OpenType Sanitizer
2012-30
Crash with WebGL content using textImage2D
2012-29
Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
2012-28
Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
2012-27
Page load short-circuit can lead to XSS
2012-26
WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
2012-25
Potential memory corruption during font rendering using cairo-dwrite
2012-24
Potential XSS via multibyte content processing errors
2012-23
Invalid frees causes heap corruption in gfxImageSurface
2012-22
use-after-free in IDBKeyRange
2012-20
Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)
Fixed in Firefox 11
2012-19
Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
2012-18
window.fullScreen writeable by untrusted content
2012-17
Crash when accessing keyframe cssText after dynamic modification
2012-16
Escalation of privilege with Javascript: URL as home page
2012-15
XSS with multiple Content Security Policy headers
2012-14
SVG issues found with Address Sanitizer
2012-13
XSS with Drag and Drop and Javascript: URL
2012-12
Use-after-free in shlwapi.dll
Fixed in Firefox 10.0.2
2012-11
libpng integer overflow
Fixed in Firefox 10.0.1
2012-10
use after free in nsXBLDocumentInfo::ReadPrototypeBindings
Fixed in Firefox 10
2012-09
Firefox Recovery Key.html is saved with unsafe permission
2012-08
Crash with malformed embedded XSLT stylesheets
2012-07
Potential Memory Corruption When Decoding Ogg Vorbis files
2012-06
Uninitialized memory appended when encoding icon images may cause information disclosure
2012-05
Frame scripts calling into untrusted objects bypass security checks
2012-04
Child nodes from nsDOMAttribute still accessible after removal of nodes
2012-03
US