CVE-2015-4487 — CVSS 7.5 (high): The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow…
CVE-2015-4488 — CVSS 7.5 (high): Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS…
CVE-2015-4489 — CVSS 7.5 (high): The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote…
CVE-2015-8511 — CVSS 6.4 (medium): Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended…
CVE-2015-8510 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5…
CVE-2015-5962 — CVSS 5.0 (medium): Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in…
CVE-2015-8512 — CVSS 4.6 (medium): The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier…
CVE-2015-4494 — CVSS 4.3 (medium): Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to…
CVE-2015-2745 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to…
CVE-2015-2744 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject…
CVE-2015-4000 — CVSS 3.7 (low): The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a…
CVE-2015-5961 — CVSS 3.3 (low): The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the…
CVE-2015-5960 — CVSS 1.9 (low): Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass…