| CVE-2019-15903 |
Medium |
Yes |
Denial of service |
A security issue has been found in libexpat before 2.2.8, where crafted XML input could fool the parser into changing from DTD parsing to document parsing... |
| CVE-2019-11764 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox before 70.0 and Thunderbird before 68.2. Some of these bugs showed evidence of memory corruption and... |
| CVE-2019-11763 |
Medium |
Yes |
Insufficient validation |
An issue has been found in Firefox before 70.0 and Thunderbird before 68.2, where failure to correctly handle null bytes when processing HTML entities... |
| CVE-2019-11762 |
Medium |
Yes |
Same-origin policy bypass |
A same-origin policy bypass has been found in Firefox before 70.0 and Thunderbird before 68.2 where, if two same-origin documents set document.domain... |
| CVE-2019-11761 |
Medium |
Yes |
Access restriction bypass |
An issue has been found in Firefox before 70.0 and Thunderbird before 68.2, where by using a form with a data URI it was possible to gain access to the... |
| CVE-2019-11760 |
Critical |
Yes |
Arbitrary code execution |
A fixed-size stack buffer overflow has been found in nrappkit, in the WebRTC signaling code of Firefox before 70.0 and Thunderbird before 68.2. |
| CVE-2019-11759 |
Critical |
Yes |
Arbitrary code execution |
A stack-based buffer overflow has been found in the HKDF output of Firefox before 70.0 and Thunderbird before 68.2. An attacker could have caused 4 bytes of... |
| CVE-2019-11757 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free issue has been found in the IndexedDB component of Firefox before 70.0 and Thunderbird before 68.2. When storing a value in IndexedDB, the... |