Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Firefox  >> 19.0.1  Security Vulnerabilities
CVE-2018-5124
Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.
CVSS Score
6.1
EPSS Score
0.006
Published
2019-04-26
CVE-2018-5179
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-04-26
CVE-2017-7771
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.
CVSS Score
8.1
EPSS Score
0.004
Published
2019-04-15
CVE-2017-7773
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-04-15
CVE-2017-7774
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.
CVSS Score
9.1
EPSS Score
0.006
Published
2019-04-15
CVE-2017-7776
Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.
CVSS Score
8.1
EPSS Score
0.005
Published
2019-04-15
CVE-2017-7777
Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-04-15
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-04-12
CVE-2018-12399
When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox < 63.
CVSS Score
4.3
EPSS Score
0.004
Published
2019-02-28
CVE-2018-12400
In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63.
CVSS Score
5.3
EPSS Score
0.003
Published
2019-02-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved