Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-5281 | 7.5 |
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code a
|
30-10-2018 - 16:27 | 22-09-2016 - 22:59 | |
CVE-2016-5284 | 4.3 |
Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.
|
30-10-2018 - 16:27 | 22-09-2016 - 22:59 | |
CVE-2016-5280 | 7.5 |
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirec
|
30-10-2018 - 16:27 | 22-09-2016 - 22:59 | |
CVE-2016-5270 | 7.5 |
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 | |
CVE-2016-5274 | 7.5 |
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction b
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 | |
CVE-2016-5276 | 7.5 |
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denia
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 | |
CVE-2016-5277 | 7.5 |
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrup
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 | |
CVE-2016-5257 | 7.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly e
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 | |
CVE-2016-5272 | 6.8 |
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execut
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 | |
CVE-2016-5278 | 6.8 |
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled
|
12-06-2018 - 01:29 | 22-09-2016 - 22:59 |