Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-0801 | 7.5 |
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving anchor navigation, a sim
|
22-10-2024 - 13:54 | 01-04-2015 - 10:59 | |
CVE-2015-0807 | 6.8 |
The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to b
|
22-10-2024 - 13:54 | 01-04-2015 - 10:59 | |
CVE-2015-0816 | 5.0 |
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the a
|
17-09-2017 - 01:29 | 01-04-2015 - 10:59 | |
CVE-2015-0813 | 5.1 |
Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 on Linux, when the Fluendo MP3 plugin for GStreamer is used, allows remote attackers to execute arbi
|
03-01-2017 - 02:59 | 01-04-2015 - 10:59 | |
CVE-2015-0815 | 7.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss
|
03-01-2017 - 02:59 | 01-04-2015 - 10:59 | |
CVE-2015-0814 | 7.5 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
07-12-2016 - 03:02 | 01-04-2015 - 10:59 |