mozilla

3,621 tracked vulnerabilities.

CVE-2015-4520
Firefox < 41.0 - CORS Preflight Protection Bypass via Duplicate Cache-Key Generation
Sep 24, 2015
EPSS 0.03
CVE-2015-4519
Firefox < 41.0 - Unauthorized URL Exposure via Drag-and-Drop Image Action
Sep 24, 2015
EPSS 0.03
CVE-2015-4517
Firefox < 40.0.3 - Memory Corruption via NetworkUtils.cpp
Sep 24, 2015
EPSS 0.03
CVE-2015-4516
Firefox < 40.0.3 - Remote Code Execution via ES5 API Protection Bypass
Sep 24, 2015
EPSS 0.03
CVE-2015-4512
Firefox < 40.0.3 - Out-of-Bounds Read via 2D Canvas Rendering
Sep 24, 2015
EPSS 0.03
CVE-2015-4511
Firefox < 41.0 - Remote Code Execution via WebM Video Header
Sep 24, 2015
EPSS 0.05
CVE-2015-4510
Firefox < 40.0.3 - Use-After-Free via Shared Worker and IndexedDB Interaction
Sep 24, 2015
EPSS 0.03
CVE-2015-4509
Firefox < 41.0 - Remote Code Execution via HTMLVideoElement Use-After-Free
Sep 24, 2015
EPSS 0.06
CVE-2015-4508
Firefox < 40.0.3 - Address Bar Spoofing via Reader Mode
Sep 24, 2015
EPSS 0.02
CVE-2015-4507
Firefox < 40.0.3 - Remote Code Execution via SavedStacks Debugger API
Sep 24, 2015
EPSS 0.03
CVE-2015-4506
Firefox < 40.0.3 - Remote Code Execution via VP9 Video Processing
Sep 24, 2015
EPSS 0.05
CVE-2015-4505
Firefox < 41.0 and Firefox ESR 38.x < 38.3 - Arbitrary File Write via Junction Attack
Sep 24, 2015
EPSS 0.00
CVE-2015-4504
Firefox < 40.0.3 - Buffer Over-read in QCMS ICC Profile Parser
Sep 24, 2015
EPSS 0.03
CVE-2015-4503
Firefox < 40.0.3 - Information Disclosure via TCP Socket API
Sep 24, 2015
EPSS 0.02
CVE-2015-4502
Firefox < 40.0.3 - Window Access Restriction Bypass via Proxy Receiver Handling
Sep 24, 2015
EPSS 0.02
CVE-2015-4501
Firefox < 40.0.3 - Memory Corruption and Remote Code Execution
Sep 24, 2015
EPSS 0.05
CVE-2015-4500
Firefox < 40.0.3 - Memory Corruption and Remote Code Execution
Sep 24, 2015
EPSS 0.05
CVE-2015-4476
Firefox < 40.0.3 - Address Bar Spoofing via URL Paste
Sep 24, 2015
EPSS 0.02
CVE-2015-4499
Bugzilla < 4.2.15, 4.3.x-4.4.x < 4.4.10, 5.x < 5.0.1 - Unauthenticated Privilege Escalation
Sep 14, 2015
EPSS 0.03
CVE-2015-4498
Firefox < 40.0.2 - Add-on Installation User Confirmation Bypass via Crafted Data URL
Aug 29, 2015
EPSS 0.03
CVE-2015-4497
Firefox < 40.0.3 and ESR 38.x < 38.2.1 - Use-After-Free in CanvasRenderingContext2D
Aug 29, 2015
EPSS 0.08
CVE-2015-4496
Oracle Solaris < 37.0.2 - Numeric Error
Aug 16, 2015
EPSS 0.04
CVE-2015-4493
Oracle Solaris < 39.0.3 - Memory Corruption
Aug 16, 2015
EPSS 0.07
CVE-2015-4492
Oracle Solaris < 39.0.3 - Use After Free
Aug 16, 2015
EPSS 0.05
CVE-2015-4490
Firefox < 39.0.3 - Cross-Site Scripting via CSP Wildcard Source-Expression Mismatch
Aug 16, 2015
EPSS 0.03