| CVE-2020-12396 |
High |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox before 76.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with... |
| CVE-2020-12395 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs has been found in Firefox before 76.0, Firefox ESR before 68.8 and Thunderbird before 68.8.0. Some of these bugs showed evidence... |
| CVE-2020-12394 |
Low |
Yes |
Content spoofing |
A logic flaw has been found in the location bar implementation of Firefox before 76.0, and could have allowed a local attacker to spoof the current location... |
| CVE-2020-12392 |
Medium |
Yes |
Content spoofing |
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request in Firefox before 76.0 and Thunderbird before... |
| CVE-2020-12391 |
Medium |
Yes |
Arbitrary code execution |
Documents formed using data: URLs in an object element failed to inherit the CSP of the creating context in Firefox before 76.0. This allowed the execution... |
| CVE-2020-12390 |
Medium |
Yes |
Insufficient validation |
An incorrect origin serialization of URLs with IPv6 addresses issue has been found in Firefox before 76.0, and could lead to incorrect security checks. |
| CVE-2020-12387 |
Critical |
Yes |
Arbitrary code execution |
A race condition has been found in Firefox before 76.0 and Thunderbird before 68.8.0, when running shutdown code for Web Worker, leading to a use-after-free... |
| CVE-2020-6831 |
High |
Yes |
Arbitrary code execution |
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC, in Firefox before 76.0, Thunderbird before 68.8.0 and chromium before... |