| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-1542 | 6.8 |
Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate.
|
30-10-2018 - 16:27 | 11-06-2014 - 10:57 | |
| CVE-2014-1543 | 7.5 |
Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad devi
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1539 | 5.0 |
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1545 | 10.0 |
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. Per: http://cwe.mitre.org/data/defini
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1541 | 10.0 |
Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code o
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1533 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1537 | 10.0 |
Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Pe
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1534 | 10.0 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1538 | 10.0 |
Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap m
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1536 | 10.0 |
The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. Per: http://cwe.mitre.org/data/definitio
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 | |
| CVE-2014-1540 | 9.3 |
Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory
|
28-12-2017 - 02:29 | 11-06-2014 - 10:57 |