CVSS: 8.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-9818
https://notcve.org/view.php?id=CVE-2019-9818
23 Jul 2019 — This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. • https://bugzilla.mozilla.org/show_bug.cgi?id=1542581 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11716 – Ubuntu Security Notice USN-4054-1
https://notcve.org/view.php?id=CVE-2019-11716
12 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11720 – Ubuntu Security Notice USN-4054-1
https://notcve.org/view.php?id=CVE-2019-11720
12 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-11721 – Ubuntu Security Notice USN-4054-1
https://notcve.org/view.php?id=CVE-2019-11721
12 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2019-11724 – Ubuntu Security Notice USN-4054-2
https://notcve.org/view.php?id=CVE-2019-11724
12 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11725 – Ubuntu Security Notice USN-4054-1
https://notcve.org/view.php?id=CVE-2019-11725
12 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11727 – nss: PKCS#1 v1.5 signatures can be used for TLS 1.3
https://notcve.org/view.php?id=CVE-2019-11727
12 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html • CWE-295: Improper Certificate Validation CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 3%CPEs: 8EXPL: 0CVE-2019-11709 – Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8
https://notcve.org/view.php?id=CVE-2019-11709
11 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 0CVE-2019-11711 – Mozilla: Script injection within domain through inner window reuse
https://notcve.org/view.php?id=CVE-2019-11711
11 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11712 – Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
https://notcve.org/view.php?id=CVE-2019-11712
11 Jul 2019 — A sandbox escape was discovered in Firefox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html • CWE-352: Cross-Site Request Forgery (CSRF) CWE-829: Inclusion of Functionality from Untrusted Control Sphere •