| CVE-2017-7778 |
High |
Yes |
Arbitrary code execution |
An out-of-bounds write has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in lz4::decompress. |
| CVE-2017-7777 |
High |
Yes |
Information disclosure |
An use of initialized memory has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in GlyphCache::Loader::read_glyph. |
| CVE-2017-7776 |
High |
Yes |
Information disclosure |
A heap-buffer-overflow read has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in Silf::getClassGlyph. |
| CVE-2017-7775 |
High |
Yes |
Denial of service |
An assertion failure has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2. |
| CVE-2017-7774 |
High |
Yes |
Information disclosure |
An out-of-bounds read has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in Silf::readGraphite. |
| CVE-2017-7773 |
High |
Yes |
Arbitrary code execution |
A heap-buffer-overflow write has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in lz4::decompress. |
| CVE-2017-7772 |
High |
Yes |
Arbitrary code execution |
A heap-buffer-overflow write has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in lz4::decompress. |
| CVE-2017-7771 |
High |
Yes |
Information disclosure |
An out-of-bounds read has been found in the Graphite 2 library used in Firefox < 54.0 and Thunderbird < 52.2, in Pass::readPass. |
| CVE-2017-7764 |
Medium |
Yes |
Content spoofing |
A security issue has been found in Firefox < 54.0 and Thunderbird < 52.2, where characters from the "Canadian Syllabics" unicode block can be mixed with... |
| CVE-2017-7762 |
Medium |
Yes |
Content spoofing |
A security issue has been found in Firefox < 54.0. When entered directly, Reader Mode did not strip the username and password section of URLs displayed in... |
| CVE-2017-7758 |
High |
Yes |
Information disclosure |
An out-of-bounds read vulnerability has been found in Firefox < 54.0 and Thunderbird < 52.2, with the Opus encoder when the number of channels in an audio... |
| CVE-2017-7757 |
High |
Yes |
Arbitrary code execution |
A use after-free vulnerability has been found in Firefox < 54.0 and Thunderbird < 52.2, in IndexedDB when one of its objects is destroyed in memory while a... |
| CVE-2017-7756 |
High |
Yes |
Arbitrary code execution |
A use after-free and use-after-scope vulnerability has been found in Firefox < 54.0 and Thunderbird < 52.2, when logging errors from headers for XML HTTP... |
| CVE-2017-7754 |
High |
Yes |
Information disclosure |
An out-of-bounds read has been found in Firefox < 54.0 and Thunderbird < 52.2, with a maliciously crafted ImageInfo object during WebGL operations. |
| CVE-2017-7752 |
Medium |
Yes |
Arbitrary code execution |
A use-after-free has been found in Firefox < 54.0 and Thunderbird < 52.2, during specific user interactions with the input method editor (IME) in some... |
| CVE-2017-7751 |
High |
Yes |
Arbitrary code execution |
A use-after-free has been found in Firefox < 54.0 and Thunderbird < 52.2, in content viewer listeners. |
| CVE-2017-7750 |
High |
Yes |
Arbitrary code execution |
A use-after-free has been found in Firefox < 54.0 and Thunderbird < 52.2, during video control operations when a <track> element holds a reference to an... |
| CVE-2017-7749 |
High |
Yes |
Arbitrary code execution |
A user-after-free has been found in Firefox < 54.0 and Thunderbird < 52.2, when using an incorrect URL during the reloading of a docshell. |
| CVE-2017-5472 |
Critical |
Yes |
Arbitrary code execution |
A use-after-free vulnerability has been found in Firefox < 54.0 and Thunderbird < 52.2, in the frameloader during tree reconstruction while regenerating CSS... |
| CVE-2017-5471 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety issues leading to arbitrary code execution have been found in Firefox < 54.0. |
| CVE-2017-5470 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety issues leading to arbitrary code execution have been found in Firefox < 54.0 and Thunderbird < 52.2. |