FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

firefox


Entered Topic
2017-08-08 mozilla -- multiple vulnerabilities
2017-06-13 mozilla -- multiple vulnerabilities
2017-04-19 mozilla -- multiple vulnerabilities
2017-03-18 firefox -- integer overflow in createImageBitmap()
2017-03-07 mozilla -- multiple vulnerabilities
2017-01-24 mozilla -- multiple vulnerabilities
2016-12-14 mozilla -- multiple vulnerabilities
2016-12-01 Mozilla -- SVG Animation Remote Code Execution
2016-11-29 mozilla -- data: URL can inherit wrong origin after an HTTP redirect
2016-11-16 mozilla -- multiple vulnerabilities
2016-10-21 mozilla -- multiple vulnerabilities
2016-09-20 mozilla -- multiple vulnerabilities
2016-09-07 Mozilla -- multiple vulnerabilities
2016-06-07 mozilla -- multiple vulnerabilities
2016-04-26 mozilla -- multiple vulnerabilities
2016-03-08 brotli -- buffer overflow
mozilla -- multiple vulnerabilities
2016-02-15 firefox -- Same-origin-policy violation using Service Workers with plugins
2016-02-01 mozilla -- multiple vulnerabilities
2015-12-15 mozilla -- multiple vulnerabilities
2015-11-19 mozilla -- multiple vulnerabilities
2015-10-16 firefox -- Cross-origin restriction bypass using Fetch
2015-09-22 mozilla -- multiple vulnerabilities
2015-08-28 mozilla -- multiple vulnerabilities
2015-08-12 libvpx -- out-of-bounds write
2015-08-11 libvpx -- multiple buffer overflows
mozilla -- multiple vulnerabilities
2015-08-07 mozilla -- multiple vulnerabilities
2015-07-16 mozilla -- multiple vulnerabilities
2015-05-12 mozilla -- multiple vulnerabilities
2015-04-21 mozilla -- use-after-free
2015-04-04 mozilla -- multiple vulnerabilities
2015-03-31 mozilla -- multiple vulnerabilities
2015-03-22 mozilla -- multiple vulnerabilities
2015-02-27 mozilla -- multiple vulnerabilities
2015-01-14 mozilla -- multiple vulnerabilities
2014-12-02 mozilla -- multiple vulnerabilities
2014-10-14 mozilla -- multiple vulnerabilities
2014-07-23 mozilla -- multiple vulnerabilities
2014-06-10 mozilla -- multiple vulnerabilities
2014-04-29 mozilla -- multiple vulnerabilities
2014-03-19 mozilla -- multiple vulnerabilities
2014-02-04 mozilla -- multiple vulnerabilities
2013-12-14 mozilla -- multiple vulnerabilities
2013-10-30 mozilla -- multiple vulnerabilities
2013-08-18 mozilla -- multiple vulnerabilities
2013-08-08 mozilla -- multiple vulnerabilities
2013-06-26 mozilla -- multiple vulnerabilities
2013-05-15 mozilla -- multiple vulnerabilities
2013-04-03 mozilla -- multiple vulnerabilities
2013-03-08 mozilla -- use-after-free in HTML Editor
2013-02-19 mozilla -- multiple vulnerabilities
2013-01-09 mozilla -- multiple vulnerabilities
2012-11-20 mozilla -- multiple vulnerabilities
2012-10-27 mozilla -- multiple vulnerabilities
2012-10-10 mozilla -- multiple vulnerabilities
2012-08-30 mozilla -- multiple vulnerabilities
2012-08-02 mozilla -- multiple vulnerabilities
2012-06-05 mozilla -- multiple vulnerabilities
2012-04-24 mozilla -- multiple vulnerabilities
2012-03-14 mozilla -- multiple vulnerabilities
2012-02-17 mozilla -- heap-buffer overflow
2012-02-11 mozilla -- use-after-free in nsXBLDocumentInfo::ReadPrototypeBindings
2012-02-01 mozilla -- multiple vulnerabilities
2011-12-21 mozilla -- multiple vulnerabilities
2011-11-08 mozilla -- multiple vulnerabilities
2011-09-28 Mozilla -- multiple vulnerabilities
2011-09-03 nss/ca_root_nss -- fraudulent certificates issued by DigiNotar.nl
2011-08-16 mozilla -- multiple vulnerabilities
2011-06-21 mozilla -- multiple vulnerabilities
2011-04-29 Mozilla -- multiple vulnerabilities
2011-03-24 mozilla -- update to HTTPS certificate blacklist
2011-03-01 mozilla -- multiple vulnerabilities
2010-12-10 mozilla -- multiple vulnerabilities
2010-10-28 mozilla -- Heap buffer overflow mixing document.write and DOM insertion
2010-10-20 mozilla -- multiple vulnerabilities
2010-09-08 mozilla -- multiple vulnerabilities
2010-08-09 firefox -- Dangling pointer crash regression from plugin parameter array fix
2010-07-21 mozilla -- multiple vulnerabilities
2010-06-23 mozilla -- multiple vulnerabilities
2010-04-05 firefox -- Re-use of freed object due to scope confusion
2010-03-30 mozilla -- multiple vulnerabilities
2010-03-23 firefox -- WOFF heap corruption due to integer overflow
2010-02-18 mozilla -- multiple vulnerabilities
2009-12-16 mozilla -- multiple vulnerabilities
2009-10-28 mozilla -- multiple vulnerabilities
2009-09-10 mozilla firefox -- multiple vulnerabilities
2009-08-04 mozilla -- multiple vulnerabilities
2009-07-17 mozilla -- corrupt JIT state after deep return from native function
2009-06-12 mozilla -- multiple vulnerabilities
2009-04-22 mozilla -- multiple vulnerabilities
2009-02-11 firefox -- multiple vulnerabilities
2008-12-19 mozilla -- multiple vulnerabilities
2008-11-13 mozilla -- multiple vulnerabilities
2008-09-24 mozilla -- multiple vulnerabilities
2008-04-25 firefox -- javascript garbage collector vulnerability
2008-03-30 mozilla -- multiple vulnerabilities
2008-02-22 mozilla -- multiple vulnerabilities
2007-11-27 firefox -- multiple remote unspecified memory corruption vulnerabilities
2007-10-22 firefox -- OnUnload Javascript browser entrapment vulnerability
2007-09-19 mozilla -- code execution via Quicktime media-link files
2007-07-19 mozilla -- multiple vulnerabilities
2007-02-24 mozilla -- multiple vulnerabilities
2006-09-15 mozilla -- multiple vulnerabilities
2006-07-27 mozilla -- multiple vulnerabilities
2006-05-03 firefox -- denial of service vulnerability
2006-04-16 mozilla -- multiple vulnerabilities
2005-09-23 firefox & mozilla -- multiple vulnerabilities
2005-09-22 firefox & mozilla -- command line URL shell command injection
2005-09-10 firefox & mozilla -- buffer overflow vulnerability
2005-07-16 firefox & mozilla -- multiple vulnerabilities
2005-05-12 mozilla -- "Wrapped" javascript: urls bypass security checks
mozilla -- privilege escalation via non-DOM property overrides
2005-05-11 mozilla -- code execution via javascript: IconURL vulnerability
2005-04-16 firefox -- arbitrary code execution in sidebar panel
firefox -- PLUGINSPAGE privileged javascript execution
mozilla -- code execution through javascript: favicons
mozilla -- javascript "lambda" replace exposes memory contents
mozilla -- privilege escalation via DOM property overrides
2005-03-24 firefox -- arbitrary code execution from sidebar panel
mozilla -- heap buffer overflow in GIF image processing
2005-02-26 mozilla -- arbitrary code execution vulnerability
mozilla -- insecure temporary directory vulnerability
2005-01-24 web browsers -- window injection vulnerabilities
2005-01-18 mozilla -- insecure permissions for some downloaded files
2004-09-30 mozilla -- hostname spoofing bug
mozilla -- scripting vulnerabilities
mozilla -- users may be lured into bypassing security dialogs
2004-09-28 mozilla -- BMP decoder vulnerabilities
mozilla -- multiple heap buffer overflows
2004-09-22 mozilla -- built-in CA certificates may be overridden
mozilla -- NULL bytes in FTP URLs
mozilla -- security icon spoofing
2004-09-14 mozilla -- SOAPParameter integer overflow
2004-08-12 Mutiple browser frame injection vulnerability
2004-08-04 libpng stack-based buffer overflow and other code concerns
2004-07-30 Mozilla / Firefox user interface spoofing vulnerability
Mozilla certificate spoofing