Vulnerabilities > Mozilla

DATE CVE VULNERABILITY TITLE RISK
2021-03-31 CVE-2021-23988 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 86.
network
mozilla CWE-119
6.8
2021-03-31 CVE-2021-23987 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8.
network
mozilla CWE-119
6.8
2021-03-31 CVE-2021-23986 Origin Validation Error vulnerability in Mozilla Firefox
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL.
network
mozilla CWE-346
4.3
2021-03-31 CVE-2021-23985 Exposure of Resource TO Wrong Sphere vulnerability in Mozilla Firefox
If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user.
network
mozilla CWE-668
4.3
2021-03-31 CVE-2021-23984 Authentication Bypass BY Spoofing vulnerability in Mozilla Firefox
A malicious extension could have opened a popup window lacking an address bar.
network
mozilla CWE-290
4.3
2021-03-31 CVE-2021-23983 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash.
network
mozilla CWE-119
4.3
2021-03-31 CVE-2021-23982 Inadequate Encryption Strength vulnerability in Mozilla Firefox
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections.
network
mozilla CWE-326
4.3
2021-03-31 CVE-2021-23981 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash.
network
mozilla CWE-119
5.8
2021-03-08 CVE-2021-21354 Open Redirect vulnerability in Mozilla Pollbot
Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is an open redirection vulnerability in the path of "https://pollbot.services.mozilla.com/".
network
mozilla CWE-601
5.8
2021-02-26 CVE-2021-23979 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 85.
network
mozilla CWE-119
6.8