Vulnerabilities > Mozilla > Firefox ESR

DATE CVE VULNERABILITY TITLE RISK
2023-06-02 CVE-2023-29533 Unspecified vulnerability in Mozilla products
A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls.
network
low complexity
mozilla
4.3
2023-06-02 CVE-2023-29535 Unspecified vulnerability in Mozilla products
Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced.
network
low complexity
mozilla
6.5
2023-06-02 CVE-2023-29536 Use After Free vulnerability in Mozilla products
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2023-06-02 CVE-2023-29539 NULL Pointer Dereference vulnerability in Mozilla products
When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character.
network
low complexity
mozilla CWE-476
8.8
2023-06-02 CVE-2023-29541 Improper Encoding or Escaping of Output vulnerability in Mozilla products
Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands.
network
low complexity
mozilla CWE-116
8.8
2023-06-02 CVE-2023-29547 Unspecified vulnerability in Mozilla Firefox ESR and Focus
When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed.
network
low complexity
mozilla
6.5
2023-06-02 CVE-2023-29548 Unspecified vulnerability in Mozilla products
A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result.
network
low complexity
mozilla
6.5
2023-06-02 CVE-2023-29550 Unspecified vulnerability in Mozilla products
Memory safety bugs present in Firefox 111 and Firefox ESR 102.9.
network
low complexity
mozilla
8.8
2023-06-02 CVE-2023-32205 Unspecified vulnerability in Mozilla Firefox
In multiple cases browser prompts could have been obscured by popups controlled by content.
network
low complexity
mozilla
4.3
2023-06-02 CVE-2023-32206 Out-of-bounds Read vulnerability in Mozilla Firefox
An out-of-bound read could have led to a crash in the RLBox Expat driver.
network
low complexity
mozilla CWE-125
6.5