Vulnerabilities > Mozilla > Firefox ESR > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2021-29980 Missing Initialization of Resource vulnerability in Mozilla Thunderbird
Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-909
8.8
2021-08-17 CVE-2021-29984 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection.
network
low complexity
mozilla CWE-787
8.8
2021-08-17 CVE-2021-29985 Use After Free vulnerability in Mozilla Thunderbird
A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2021-08-17 CVE-2021-29986 Race Condition vulnerability in Mozilla Firefox
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash.
network
high complexity
mozilla CWE-362
8.1
2021-08-17 CVE-2021-29988 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.
network
low complexity
mozilla CWE-787
8.8
2021-08-17 CVE-2021-29989 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12.
network
low complexity
mozilla CWE-787
8.8
2021-08-05 CVE-2021-29970 Use After Free vulnerability in Mozilla Firefox
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2021-08-05 CVE-2021-29976 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird.
network
low complexity
mozilla CWE-787
8.8
2021-06-24 CVE-2021-23994 Missing Initialization of Resource vulnerability in Mozilla Thunderbird
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.
network
low complexity
mozilla CWE-909
8.8
2021-06-24 CVE-2021-23995 Operation on a Resource after Expiration or Release vulnerability in Mozilla Thunderbird
When Responsive Design Mode was enabled, it used references to objects that were previously freed.
network
low complexity
mozilla CWE-672
8.8