# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2016-5281 |
416 |
|
Exec Code |
2016-09-22 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the DOMSVGLength class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document. |
2 |
CVE-2016-5280 |
416 |
|
Exec Code |
2016-09-22 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via bidirectional text. |
3 |
CVE-2016-5278 |
119 |
|
Exec Code Overflow |
2016-09-22 |
2018-06-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image. |
4 |
CVE-2016-5277 |
416 |
|
DoS Exec Code Mem. Corr. |
2016-09-22 |
2018-06-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation. |
5 |
CVE-2016-5276 |
416 |
|
DoS Exec Code Mem. Corr. |
2016-09-22 |
2018-06-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute. |
6 |
CVE-2016-5274 |
416 |
|
Exec Code |
2016-09-22 |
2018-06-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation. |
7 |
CVE-2016-5272 |
20 |
|
Exec Code |
2016-09-22 |
2018-06-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site. |
8 |
CVE-2016-5264 |
416 |
|
DoS Exec Code Mem. Corr. |
2016-08-05 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the nsNodeUtils::NativeAnonymousChildListChange function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG element that is mishandled during effect application. |
9 |
CVE-2016-5263 |
704 |
|
Exec Code |
2016-08-05 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The nsDisplayList::HitTest function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 mishandles rendering display transformation, which allows remote attackers to execute arbitrary code via a crafted web site that leverages "type confusion." |
10 |
CVE-2016-5259 |
416 |
|
Exec Code |
2016-08-05 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop. |
11 |
CVE-2016-5258 |
416 |
|
Exec Code |
2016-08-05 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the WebRTC socket thread in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code by leveraging incorrect free operations on DTLS objects during the shutdown of a WebRTC session. |
12 |
CVE-2016-5257 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-09-22 |
2018-06-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
13 |
CVE-2016-5254 |
416 |
|
DoS Exec Code Mem. Corr. |
2016-08-05 |
2019-12-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the nsXULPopupManager::KeyDown function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by leveraging keyboard access to use the Alt key during selection of top-level menu items. |
14 |
CVE-2016-5252 |
119 |
|
Exec Code Overflow |
2016-08-05 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations. |
15 |
CVE-2016-2838 |
119 |
|
Exec Code Overflow |
2016-08-05 |
2017-08-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the nsBidi::BracketData::AddOpening function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via directional content in an SVG document. |
16 |
CVE-2016-2837 |
119 |
|
Exec Code Overflow Bypass |
2016-08-05 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and leveraging a Gecko Media Plugin (GMP) sandbox bypass. |
17 |
CVE-2016-2836 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-08-05 |
2017-08-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to Http2Session::Shutdown and SpdySession31::Shutdown, and other vectors. |
18 |
CVE-2016-2828 |
|
|
Exec Code |
2016-06-13 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via WebGL content that triggers texture access after destruction of the texture's recycle pool. |
19 |
CVE-2016-2821 |
|
|
DoS Exec Code Mem. Corr. |
2016-06-13 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the mozilla::dom::Element class in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2, when contenteditable mode is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by triggering deletion of DOM elements that were created in the editor. |
20 |
CVE-2016-2819 |
119 |
|
Exec Code Overflow |
2016-06-13 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element. |
21 |
CVE-2016-2818 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-06-13 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
22 |
CVE-2016-2815 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-06-13 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
23 |
CVE-2016-2814 |
119 |
|
Exec Code Overflow |
2016-04-30 |
2017-07-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in libstagefright in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code via crafted CENC offsets that lead to mismanagement of the sizes table. |
24 |
CVE-2016-2808 |
119 |
|
DoS Exec Code Overflow |
2016-04-30 |
2017-07-01 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service (generation-count overflow, out-of-bounds HashMap write access, and application crash) via a crafted web site. |
25 |
CVE-2016-2807 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-04-30 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
26 |
CVE-2016-2805 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-04-30 |
2017-07-01 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
27 |
CVE-2016-2804 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-04-30 |
2017-07-01 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
28 |
CVE-2016-1977 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a crafted Graphite smart font. |
29 |
CVE-2016-1974 |
119 |
|
DoS Exec Code Overflow |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The nsScannerString::AppendUnicodeTo function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not verify that memory allocation succeeds, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via crafted Unicode data in an HTML, XML, or SVG document. |
30 |
CVE-2016-1966 |
|
|
DoS Exec Code Mem. Corr. |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corruption) via a crafted NPAPI plugin. |
31 |
CVE-2016-1964 |
|
|
DoS Exec Code Mem. Corr. |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the AtomicBaseIncDec function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging mishandling of XML transformations. |
32 |
CVE-2016-1962 |
|
|
Exec Code |
2016-03-13 |
2019-12-27 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections. |
33 |
CVE-2016-1961 |
|
|
Exec Code |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Use-after-free vulnerability in the nsHTMLDocument::SetBody function in dom/html/nsHTMLDocument.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of a root element, aka ZDI-CAN-3574. |
34 |
CVE-2016-1960 |
|
|
DoS Exec Code |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. |
35 |
CVE-2016-1953 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-03-13 |
2018-10-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors. |
36 |
CVE-2016-1952 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-03-13 |
2019-12-27 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
37 |
CVE-2016-1935 |
119 |
|
Exec Code Overflow |
2016-01-31 |
2019-12-27 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content. |
38 |
CVE-2016-1930 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2016-01-31 |
2019-12-27 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
39 |
CVE-2016-1522 |
119 |
|
DoS Exec Code Overflow |
2016-02-13 |
2017-07-01 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font. |
40 |
CVE-2016-1521 |
119 |
|
DoS Exec Code Overflow +Info |
2016-02-13 |
2017-07-01 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font. |