Vulnerabilities > Mozilla > Firefox ESR

DATE CVE VULNERABILITY TITLE RISK
2024-09-03 CVE-2024-8387 Out-of-bounds Write vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1.
network
low complexity
mozilla CWE-787
critical
9.8
2024-08-06 CVE-2024-7518 Unspecified vulnerability in Mozilla Firefox
Select options could obscure the fullscreen notification dialog.
network
low complexity
mozilla
6.5
2024-08-06 CVE-2024-7519 Out-of-bounds Write vulnerability in Mozilla Firefox
Insufficient checks when processing graphics shared memory could have led to memory corruption.
network
low complexity
mozilla CWE-787
critical
9.6
2024-08-06 CVE-2024-7520 Type Confusion vulnerability in Mozilla Firefox
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution.
network
low complexity
mozilla CWE-843
8.8
2024-08-06 CVE-2024-7521 Improper Handling of Exceptional Conditions vulnerability in Mozilla Firefox
Incomplete WebAssembly exception handing could have led to a use-after-free.
network
low complexity
mozilla CWE-755
8.8
2024-08-06 CVE-2024-7522 Out-of-bounds Read vulnerability in Mozilla Firefox
Editor code failed to check an attribute value.
network
low complexity
mozilla CWE-125
8.8
2024-08-06 CVE-2024-7524 Cross-site Scripting vulnerability in Mozilla Firefox
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection.
network
low complexity
mozilla CWE-79
6.1
2024-08-06 CVE-2024-7525 Incorrect Default Permissions vulnerability in Mozilla Firefox
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site.
network
low complexity
mozilla CWE-276
8.1
2024-08-06 CVE-2024-7526 Use of Uninitialized Resource vulnerability in Mozilla Firefox
ANGLE failed to initialize parameters which lead to reading from uninitialized memory.
network
low complexity
mozilla CWE-908
6.5
2024-08-06 CVE-2024-7527 Use After Free vulnerability in Mozilla Firefox
Unexpected marking work at the start of sweeping could have led to a use-after-free.
network
low complexity
mozilla CWE-416
8.8