|
267291
|
9.8 |
CRITICAL
Network
|
mozilla
opensuse
|
firefox
leap
opensuse
|
The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox before 44.0, might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1944
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267292
|
4.7 |
MEDIUM
Network
|
opensuse
mozilla
google
|
leap
opensuse
firefox
android
|
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
|
CWE-17
Code
|
CVE-2016-1943
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267293
|
7.4 |
HIGH
Network
|
opensuse
mozilla
|
leap
opensuse
firefox
|
Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a (1) wyciwyg: URI or (2) resource: URI.
|
CWE-20
Improper Input Validation
|
CVE-2016-1942
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267294
|
6.1 |
MEDIUM
Network
|
apple
mozilla
|
mac_os_x
firefox
|
The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that trigger…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1941
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267295
|
5.3 |
MEDIUM
Network
|
google
mozilla
|
android
firefox
|
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via a data: URL that is mishandled during (1) shortcut opening or (2) BOOKMARK intent processing.
|
CWE-17
Code
|
CVE-2016-1940
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267296
|
5.3 |
MEDIUM
Network
|
opensuse
mozilla
|
leap
opensuse
firefox
|
Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vul…
|
CWE-200
Information Exposure
|
CVE-2016-1939
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267297
|
6.5 |
MEDIUM
Network
|
opensuse
mozilla
|
leap
opensuse
nss
firefox
|
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier fo…
|
CWE-310
Cryptographic Issues
|
CVE-2016-1938
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267298
|
6.1 |
MEDIUM
Network
|
mozilla
opensuse
|
firefox
leap
opensuse
|
The protocol-handler dialog in Mozilla Firefox before 44.0 allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a do…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1937
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267299
|
8.8 |
HIGH
Network
|
opensuse
oracle
mozilla
|
leap
opensuse
linux
firefox
|
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1935
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267300
|
6.5 |
MEDIUM
Network
|
opensuse
mozilla
|
leap
opensuse
firefox
|
Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted G…
|
CWE-189
Numeric Errors
|
CVE-2016-1933
|
2024-11-21 11:47 |
2016-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
