Vulnerabilities (CVE)

Filtered by CWE-416
Total 5698 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-7809 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVE-2017-7806 1 Mozilla 1 Firefox 2024-11-21 5.0 MEDIUM 7.5 HIGH
A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 55.
CVE-2017-7805 2 Debian, Mozilla 3 Debian Linux, Firefox, Thunderbird 2024-11-21 5.0 MEDIUM 7.5 HIGH
During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVE-2017-7802 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVE-2017-7801 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability can occur while re-computing layout for a "marquee" element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVE-2017-7800 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVE-2017-7793 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4.
CVE-2017-7784 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.
CVE-2017-7757 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability in IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-7756 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-7752 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use-after-free vulnerability during specific user interactions with the input method editor (IME) in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-7751 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability with content viewer listeners that results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-7750 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during video control operations when a "<track>" element holds a reference to an older window if that window has been replaced in the DOM. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-7749 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-5472 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.
CVE-2017-5460 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability in frame selection triggered by a combination of malicious script content and key presses by a user. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5447 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5442 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during changes in style when manipulating DOM elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5441 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability when holding a selection during scroll events. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
CVE-2017-5440 3 Debian, Mozilla, Redhat 10 Debian Linux, Firefox, Firefox Esr and 7 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A use-after-free vulnerability during XSLT processing due to a failure to propagate error conditions during matching while evaluating context, leading to objects being used when they no longer exist. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.