VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Mozilla
>
Firefox ESR
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-01-23
CVE-2024-0750
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions.
network
low complexity
mozilla
debian
8.8
8.8
2024-01-23
CVE-2024-0751
Improper Privilege Management vulnerability in multiple products
A malicious devtools extension could have been used to escalate privileges.
network
low complexity
mozilla
debian
CWE-269
8.8
8.8
2024-01-23
CVE-2024-0755
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6.
network
low complexity
mozilla
debian
8.8
8.8
2023-12-19
CVE-2023-6856
Out-of-bounds Write vulnerability in multiple products
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver.
network
low complexity
mozilla
debian
CWE-787
8.8
8.8
2023-12-19
CVE-2023-6858
Out-of-bounds Write vulnerability in multiple products
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling.
network
low complexity
mozilla
debian
CWE-787
8.8
8.8
2023-12-19
CVE-2023-6859
Use After Free vulnerability in multiple products
A use-after-free condition affected TLS socket creation when under memory pressure.
network
low complexity
mozilla
debian
CWE-416
8.8
8.8
2023-12-19
CVE-2023-6861
Out-of-bounds Write vulnerability in multiple products
The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode.
network
low complexity
mozilla
debian
CWE-787
8.8
8.8
2023-12-19
CVE-2023-6862
Use After Free vulnerability in multiple products
A use-after-free was identified in the `nsDNSService::Init`.
network
low complexity
mozilla
debian
CWE-416
8.8
8.8
2023-12-19
CVE-2023-6863
The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor.
network
low complexity
mozilla
debian
8.8
8.8
2023-12-19
CVE-2023-6864
Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5.
network
low complexity
mozilla
debian
CWE-787
8.8
8.8
«
1
(current)
2
3
4
5
...
28
29
»
Next