| CVE-2018-18497 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Firefox < 64.0, where limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed... |
| CVE-2018-18495 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Firefox < 64.0, where WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of... |
| CVE-2018-18494 |
High |
Yes |
Same-origin policy bypass |
A same-origin policy violation has been found in Firefox < 64.0, allowing the theft of cross-origin URL entries when using the Javascript location property... |
| CVE-2018-18493 |
High |
Yes |
Arbitrary code execution |
A buffer overflow can occur in the Skia library use by Firefox < 64.0, during buffer offset calculations with hardware accelerated canvas 2D actions due to... |
| CVE-2018-18492 |
High |
Yes |
Arbitrary code execution |
A use-after-free has been found in Firefox < 64.0, after deleting a selection element due to a weak reference to the select element in the options collection. |
| CVE-2018-17466 |
Medium |
Yes |
Arbitrary code execution |
A buffer overflow and out-of-bounds read has been found in the TextureStorage11 function of the Angle library, as used in the chromium browser before... |
| CVE-2018-12407 |
High |
Yes |
Arbitrary code execution |
A buffer overflow has been found in the Angle library used for WebGL content by Firefox < 64.0, when drawing and validating elements with the VertexBuffer11 module. |
| CVE-2018-12406 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox < 64.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough... |
| CVE-2018-12405 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox < 64.0. Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough... |