Vulnerabilities > Mozilla > Firefox ESR

DATE CVE VULNERABILITY TITLE RISK
2021-11-03 CVE-2021-38496 Use After Free vulnerability in multiple products
During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.
network
low complexity
mozilla debian CWE-416
8.8
2021-11-03 CVE-2021-38497 Origin Validation Error vulnerability in Mozilla Firefox
Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks.
network
low complexity
mozilla CWE-346
6.5
2021-11-03 CVE-2021-38498 Use After Free vulnerability in Mozilla Firefox
During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
7.5
2021-11-03 CVE-2021-38500 Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1.
network
low complexity
mozilla debian
8.8
2021-11-03 CVE-2021-38501 Unspecified vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1.
network
low complexity
mozilla
8.8
2021-08-17 CVE-2021-29980 Missing Initialization of Resource vulnerability in Mozilla Thunderbird
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-909
8.8
2021-08-17 CVE-2021-29984 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection.
network
low complexity
mozilla CWE-787
8.8
2021-08-17 CVE-2021-29985 Use After Free vulnerability in Mozilla Thunderbird
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2021-08-17 CVE-2021-29986 Race Condition vulnerability in Mozilla Firefox
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash.
network
high complexity
mozilla CWE-362
8.1
2021-08-17 CVE-2021-29988 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.
network
low complexity
mozilla CWE-787
8.8