firefox vulnerabilities and exploits

5
CVSSv2
CVE-2018-19158

ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the...

10
CVSSv2
CVE-2018-19524

An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices. A long password to the Web_passwd function allows remote attackers to cause a denial of service (segmentation fault) or...

SkyworthdigitalDt721-cb FirmwareDt740 FirmwareDt741-cb Firmware
NA
CVE-2019-9808

If WebRTC permission is requested from documents with data: or blob: URLs in Firefox before 66.0, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about...

NA
CVE-2019-9809

Mozilla Firefox is vulnerable to a denial of service, caused by an error related to a series of modal alert messages. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service....

NA
CVE-2019-9806

Mozilla Firefox is vulnerable to a denial of service, caused by an error during authorization prompting for FTP transaction. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service....

NA
CVE-2019-9805

Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by an error in the Prio library. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to read data from uninitialized memory for some...

NA
CVE-2019-9804

Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an error when pasting the result of the 'Copy as cURL' command into a command shell on macOS. By persuading a victim to visit a specially-crafted Web site, a remote...

NA
CVE-2019-9803

Mozilla Firefox for Android is vulnerable to a man-in-the-middle attack, caused by the failure to correctly enforce the Upgrade-Insecure-Requests (UIR) specification. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability...

NA
CVE-2019-9802

Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by a Chrome process information leak. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to bypass sandbox protections and read...

NA
CVE-2019-9799

Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by improper bounds checking of data during inter-process communication. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to read...