Vulnerabilidades en Mozilla
1860 resultadosCVE-2018-18492—A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options colEPSS 9.6%CVE-2018-12387—A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer beiEPSS 9.6%CVE-2025-0247CRITICALMemory safety bugs fixed in Firefox 134 and Thunderbird 134EPSS 9.3%CVE-2025-4918CRITICALOut-of-bounds access when resolving Promise objectsEPSS 8.6%CVE-2018-5127—A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This results in a potentially exploitable crash.EPSS 8.0%CVE-2017-7828—A use-after-free vulnerability can occur when flushing and resizing layout because the "PressShell" object has been freed while still in useEPSS 7.4%CVE-2019-9813—Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read anEPSS 7.4%CVE-2018-5104—A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentiaEPSS 7.3%CVE-2018-5097—A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by scriptEPSS 7.3%CVE-2018-5102—A use-after-free vulnerability can occur when manipulating HTML media elements with media streams, resulting in a potentially exploitable crEPSS 7.2%CVE-2017-5444—A buffer overflow vulnerability while parsing "application/http-index-format" format content when the header contains improperly formatted dEPSS 7.0%CVE-2024-8897MEDIUMUnder certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be EPSS 6.9%CVE-2025-0244MEDIUMAddress bar spoofing using an invalid protocol scheme on Firefox for AndroidEPSS 6.6%CVE-2020-6820HIGHUnder certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in tEPSS 6.3%KEVCVE-2019-9816—A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypasEPSS 6.2%CVE-2025-4919HIGHOut-of-bounds access when optimizing linear sumsEPSS 6.0%CVE-2020-6831—A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially EPSS 5.8%CVE-2016-9063—An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.EPSS 5.5%CVE-2018-5100—A use-after-free vulnerability can occur when arguments passed to the "IsPotentiallyScrollable" function are freed while still in use by scrEPSS 5.4%CVE-2017-7778—A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use EPSS 5.2%