The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Firefox

Skia: information disclosure via Timing Side-channel drawImage
An attacker can bypass access restrictions to data via Timing Side-channel drawImage() of Skia, in order to obtain sensitive information...
CERTFR-2020-AVI-766, CVE-2020-16012, DLA-2457-1, DLA-2464-1, DSA-4793-1, DSA-4796-1, DSA-4824-1, FEDORA-2020-10ec8aca61, FEDORA-2020-24bedcb95c, FEDORA-2020-3e005ce2e0, FEDORA-2020-9493cfc1ac, FEDORA-2020-b4b9280811, FEDORA-2020-f9f7305137, MFSA2020-50, MFSA2020-51, MFSA2020-52, openSUSE-SU-2020:2010-1, openSUSE-SU-2020:2012-1, openSUSE-SU-2020:2020-1, openSUSE-SU-2020:2021-1, openSUSE-SU-2020:2026-1, openSUSE-SU-2020:2031-1, openSUSE-SU-2020:2032-1, openSUSE-SU-2020:2055-1, openSUSE-SU-2020:2096-1, openSUSE-SU-2020:2187-1, openSUSE-SU-2020:2315-1, RHSA-2020:5231-01, RHSA-2020:5232-01, RHSA-2020:5233-01, RHSA-2020:5234-01, RHSA-2020:5235-01, RHSA-2020:5236-01, RHSA-2020:5237-01, RHSA-2020:5238-01, RHSA-2020:5239-01, RHSA-2020:5240-01, RHSA-2020:5257-01, RHSA-2020:5314-01, SUSE-SU-2020:14548-1, SUSE-SU-2020:3383-1, SUSE-SU-2020:3458-1, SUSE-SU-2020:3528-1, SUSE-SU-2020:3548-1, USN-4637-1, USN-4637-2, USN-4647-1, VIGILANCE-VUL-33923
usersctp: use after free via sctp_process_a_data_chunk
An attacker can force the usage of a freed memory area via sctp_process_a_data_chunk() of usersctp, in order to trigger a denial of service, and possibly to run code...
ADV200002, CVE-2020-15969, DLA-2411-1, DLA-2416-1, DSA-4778-1, DSA-4780-1, DSA-4824-1, FEDORA-2020-127d40f1ab, FEDORA-2020-4e8e48da22, FEDORA-2020-8aca25b5c8, FEDORA-2020-aba1d14e9e, FEDORA-2021-bdaf015218, HT212003, MFSA2020-45, MFSA2020-46, openSUSE-SU-2020:1705-1, openSUSE-SU-2020:1715-1, openSUSE-SU-2020:1731-1, openSUSE-SU-2020:1732-1, openSUSE-SU-2020:1748-1, openSUSE-SU-2020:1780-1, openSUSE-SU-2020:1785-1, openSUSE-SU-2020:1829-1, RHSA-2020:4235-01, RHSA-2020:4310-01, RHSA-2020:4311-01, RHSA-2020:4315-01, RHSA-2020:4317-01, RHSA-2020:4330-01, RHSA-2020:4909-01, RHSA-2020:4913-01, RHSA-2020:4944-01, RHSA-2020:4945-01, RHSA-2020:4947-01, RHSA-2020:4948-01, SUSE-SU-2020:14522-1, SUSE-SU-2020:3021-1, SUSE-SU-2020:3022-1, SUSE-SU-2020:3053-1, SUSE-SU-2020:3091-1, USN-4599-1, USN-4599-2, USN-4599-3, USN-4647-1, VIGILANCE-VUL-33635
WebRTC: information disclosure via Internal Address Leak
An attacker can bypass access restrictions to data via Internal Address Leak of WebRTC, in order to obtain sensitive information...
ADV200002, bulletinjul2020, CVE-2020-6514, DLA-2297-1, DLA-2310-1, DSA-4736-1, DSA-4740-1, DSA-4824-1, FEDORA-2020-84d87cbd50, FEDORA-2020-bf684961d9, FEDORA-2021-bdaf015218, MFSA2020-30, MFSA2020-31, MFSA2020-32, openSUSE-SU-2020:1020-1, openSUSE-SU-2020:1021-1, openSUSE-SU-2020:1048-1, openSUSE-SU-2020:1061-1, openSUSE-SU-2020:1147-1, openSUSE-SU-2020:1148-1, openSUSE-SU-2020:1155-1, openSUSE-SU-2020:1172-1, openSUSE-SU-2020:1179-1, openSUSE-SU-2020:1189-1, openSUSE-SU-2020:1205-1, RHSA-2020:3229-01, RHSA-2020:3233-01, RHSA-2020:3241-01, RHSA-2020:3253-01, RHSA-2020:3254-01, RHSA-2020:3341-01, RHSA-2020:3342-01, RHSA-2020:3343-01, RHSA-2020:3344-01, RHSA-2020:3345-01, RHSA-2020:3377-01, SSA:2020-209-01, SSA:2020-213-01, SUSE-SU-2020:14456-1, SUSE-SU-2020:2100-1, SUSE-SU-2020:2118-1, SUSE-SU-2020:2147-1, SUSE-SU-2020:2179-1, USN-4443-1, VIGILANCE-VUL-32960
ANGLE: use after free via gl-Texture-onUnbindAsSamplerTexture
An attacker can force the usage of a freed memory area via gl::Texture::onUnbindAsSamplerTexture() of ANGLE, in order to trigger a denial of service, and possibly to run code...
ADV200002, bulletinjul2020, CVE-2020-6463, DLA-2297-1, DLA-2310-1, DSA-4714-1, DSA-4714-2, DSA-4714-3, DSA-4736-1, DSA-4740-1, FEDORA-2020-0e7f1b663b, FEDORA-2020-da49fbb17c, MFSA2020-30, MFSA2020-31, MFSA2020-32, openSUSE-SU-2020:0604-1, openSUSE-SU-2020:0615-1, openSUSE-SU-2020:0635-1, openSUSE-SU-2020:0823-1, openSUSE-SU-2020:1147-1, openSUSE-SU-2020:1155-1, openSUSE-SU-2020:1179-1, openSUSE-SU-2020:1189-1, openSUSE-SU-2020:1205-1, RHSA-2020:1970-01, RHSA-2020:3229-01, RHSA-2020:3233-01, RHSA-2020:3241-01, RHSA-2020:3253-01, RHSA-2020:3254-01, RHSA-2020:3341-01, RHSA-2020:3342-01, RHSA-2020:3343-01, RHSA-2020:3344-01, RHSA-2020:3345-01, SSA:2020-209-01, SSA:2020-213-01, SUSE-SU-2020:14456-1, SUSE-SU-2020:2100-1, SUSE-SU-2020:2118-1, SUSE-SU-2020:2147-1, SUSE-SU-2020:2179-1, USN-4443-1, VIGILANCE-VUL-32959
Mozilla NSS: information disclosure via Scalar Padding
An attacker can bypass access restrictions to data via Scalar Padding of Mozilla NSS, in order to obtain sensitive information...
1631573, CVE-2020-12401, DLA-2388-1, FEDORA-2020-426fd04fd0, FEDORA-2020-481c7e285d, FEDORA-2020-f136f60e5f, MFSA2020-36, RHSA-2020:4076-01, USN-4455-1, USN-4474-1, USN-4474-2, VIGILANCE-VUL-32922
Mozilla NSS: information disclosure via P521
An attacker can bypass access restrictions to data via P521 of Mozilla NSS, in order to obtain sensitive information...
1631583, CVE-2020-12400, DLA-2388-1, FEDORA-2020-f136f60e5f, MFSA2020-36, RHSA-2020:4076-01, RHSA-2021:0538-01, USN-4455-1, USN-4474-1, USN-4474-2, VIGILANCE-VUL-32921
Mozilla NSS: information disclosure via P384
An attacker can bypass access restrictions to data via P384 of Mozilla NSS, in order to obtain sensitive information...
1631583, CVE-2020-6829, DLA-2388-1, FEDORA-2020-f136f60e5f, MFSA2020-36, RHSA-2020:4076-01, RHSA-2021:0538-01, USN-4455-1, USN-4474-1, USN-4474-2, VIGILANCE-VUL-32920
Firefox: information disclosure via X-Frame-Options Bypass
An attacker can bypass access restrictions to data via X-Frame-Options Bypass of Firefox, in order to obtain sensitive information...
CERTFR-2020-AVI-422, MFSA2020-28, openSUSE-SU-2020:1034-1, openSUSE-SU-2020:1042-1, SUSE-SU-2020:1958-1, USN-4423-1, VIGILANCE-VUL-32786
Mozilla NSS: information disclosure via MPI Modular Inversion
An attacker can bypass access restrictions to data via MPI Modular Inversion of Mozilla NSS, in order to obtain sensitive information...
bulletinoct2020, CERTFR-2020-AVI-448, CVE-2020-12402, DLA-2266-1, DLA-2388-1, DSA-4726-1, FEDORA-2020-16741ac7ff, FEDORA-2020-3ef1937475, MFSA2020-29, openSUSE-SU-2020:0953-1, openSUSE-SU-2020:0955-1, openSUSE-SU-2020:0983-1, openSUSE-SU-2020:1017-1, RHSA-2020:3280-01, RHSA-2020:4076-01, SSA:2020-181-01, SUSE-SU-2020:14418-1, SUSE-SU-2020:14421-1, SUSE-SU-2020:1839-1, SUSE-SU-2020:1850-1, USN-4417-1, USN-4417-2, VIGILANCE-VUL-32574
Mozilla NSS: vulnerability via DSA Exponentiation
A vulnerability via DSA Exponentiation of Mozilla NSS was announced...
CERTFR-2020-AVI-344, CVE-2020-12399, DLA-2243-1, DLA-2247-1, DLA-2266-1, DLA-2388-1, DSA-4695-1, DSA-4702-1, DSA-4726-1, FEDORA-2020-0fc1639c88, FEDORA-2020-19e5635ee3, FEDORA-2020-5f7f8fcbce, FEDORA-2020-7e974bd2bb, MFSA2020-21, MFSA2020-22, openSUSE-SU-2020:0854-1, SSA:2020-156-01, SSA:2020-189-01, SUSE-SU-2020:14418-1, SUSE-SU-2020:1677-1, SUSE-SU-2020:1839-1, USN-4383-1, USN-4397-1, USN-4397-2, USN-4421-1, VIGILANCE-VUL-32310
Our database contains other pages. You can request a free trial to read them.

Display information about Firefox: