Skip to main content
CVE-2014-1524 CRITICAL POC Act Now

The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Firefox +14
NVD
CVSS 3.1
9.8
EPSS
6.4%
CVE-2014-1532 CRITICAL POC Act Now

Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Mozilla Buffer Overflow +16
NVD
CVSS 3.1
9.8
EPSS
4.9%
CVE-2014-1519 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Mozilla RCE Buffer Overflow Firefox +4
NVD VulDB
CVSS 2.0
9.3
EPSS
2.2%
CVE-2014-1522 CRITICAL POC Act Now

The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Mozilla Buffer Overflow RCE +5
NVD VulDB
CVSS 2.0
9.3
EPSS
0.8%
CVE-2014-1528 CRITICAL Act Now

The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow Microsoft RCE +6
NVD VulDB
CVSS 2.0
10.0
EPSS
1.3%
CVE-2014-1525 CRITICAL PATCH Act Now

The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free Mozilla Buffer Overflow +6
NVD VulDB
CVSS 2.0
9.3
EPSS
1.9%
CVE-2013-6990 CRITICAL Act Now

FortiGuard FortiAuthenticator before 3.0 allows remote administrators to gain privileges via the command line interface. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Fortiauthenticator
NVD VulDB
CVSS 2.0
9.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy