Vulnerabilities > Mozilla > Firefox ESR
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.5 |
| 2021-06-24 | CVE-2021-29955 | Injection vulnerability in Mozilla Firefox A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. | 5.3 |
| 2021-06-24 | CVE-2021-29964 | Out-of-bounds Read vulnerability in Mozilla Firefox A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. | 7.1 |
| 2021-06-24 | CVE-2021-29967 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. | 8.8 |
| 2021-03-31 | CVE-2021-23987 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. | 8.8 |
| 2021-03-31 | CVE-2021-23984 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox A malicious extension could have opened a popup window lacking an address bar. | 6.5 |
| 2021-03-31 | CVE-2021-23982 | Inadequate Encryption Strength vulnerability in Mozilla Firefox Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. | 6.5 |
| 2021-03-31 | CVE-2021-23981 | Out-of-bounds Write vulnerability in Mozilla Firefox A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. | 8.1 |
| 2021-02-26 | CVE-2021-23978 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. | 8.8 |
| 2021-02-26 | CVE-2021-23964 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. | 8.8 |