CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0CVE-2019-11752 – Mozilla: Use-after-free while extracting a key value in IndexedDB
https://notcve.org/view.php?id=CVE-2019-11752
This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. ... Esta vulnerabilidad afecta a Firefox versiones anteriores a 69, Thunderbird versiones anteriores a 68.1, Thunderbird versiones anteriores a 60.9, Firefox ESR versiones anteriores a 60.9 y Firefox ESR versiones anteriores a 68.1. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html https://bugzilla.mozilla.org/show_bug.cgi?id=1501152 https://security.gentoo.org/glsa/201911-07 https://usn.ubuntu.com/4150-1 https://www.mozilla.org/security/advisories/mfsa2019-25 https://w • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2019-9812 – Mozilla Firefox sync Universal Cross-Site Scripting Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2019-9812
Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. ... This vulnerability affects Firefox ESR < 60.9, Firefox ESR < 68.1, and Firefox < 69. Dado un proceso de contenido comprometido dentro del sandbox debido a una vulnerabilidad separada, es posible escapar de ese sandbox cargando accounts.firefox.com en ese proceso y forzando un inicio de sesión en una cuenta de Firefox Sync maliciosa. ... Esta vulnerabilidad afecta a Firefox ESR versiones anteriores a 60.9, Firefox ESR versiones anteriores a la versión 68.1 y Firefox versiones anteriores a la versión 69. This vulnerability allows remote attackers to escape the sandbox on affected installations of Mozilla Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1538008 https://bugzilla.mozilla.org/show_bug.cgi?id=1538015 https://www.mozilla.org/security/advisories/mfsa2019-25 https://www.mozilla.org/security/advisories/mfsa2019-26 https://www.mozilla.org/security/advisories/mfsa2019-27 https://access.redhat.com/security/cve/CVE-2019-9812 https://bugzilla.redhat.com/show_bug.cgi?id=1748660 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-11733 – firefox: stored passwords in 'Saved Logins' can be copied without master password entry
https://notcve.org/view.php?id=CVE-2019-11733
This vulnerability affects Firefox < 68.0.2 and Firefox ESR < 68.0.2. ... Esta vulnerabilidad afecta a Firefox versiones anteriores a 68.0.2 y Firefox ESR versiones anteriores a 68.0.2. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html https://bugzilla.mozilla.org/show_bug.cgi?id=1565780 https://www.mozilla.org/security/advisories/mfsa2019-24 https://access.redhat.com/security/cve/CVE-2019-11733 https://bugzilla.redhat.com/show_bug.cgi?id=1745687 • CWE-287: Improper Authentication CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9814
https://notcve.org/view.php?id=CVE-2019-9814
Mozilla developers and community members reported memory safety bugs present in Firefox 66. ... This vulnerability affects Firefox < 67. Los desarrolladores de Mozilla y los miembros de la comunidad reportaron bugs de seguridad de memoria presentes en Firefox 66. ... Esta vulnerabilidad afecta a Firefox anterior a versión 67. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1527592%2C1534536%2C1520132%2C1543159%2C1539393%2C1459932%2C1459182%2C1516425 https://www.mozilla.org/security/advisories/mfsa2019-13 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11710
https://notcve.org/view.php?id=CVE-2019-11710
Mozilla developers and community members reported memory safety bugs present in Firefox 67. ... This vulnerability affects Firefox < 68. Los desarrolladores de Mozilla y los miembros de la comunidad reportaron bugs de seguridad de memoria presentes en Firefox versión 67. ... Esta vulnerabilidad afecta a Firefox anterior a versión 68. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180 https://security.gentoo.org/glsa/201908-12 https:/&# • CWE-787: Out-of-bounds Write •