Vulnerabilities > Mozilla > Firefox ESR > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-24 | CVE-2021-23999 | Incorrect Comparison vulnerability in Mozilla Thunderbird If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. | 8.8 |
2021-06-24 | CVE-2021-24002 | Injection vulnerability in Mozilla Thunderbird When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. | 8.8 |
2021-06-24 | CVE-2021-29946 | Integer Overflow or Wraparound vulnerability in Mozilla Thunderbird Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. | 8.8 |
2021-06-24 | CVE-2021-29964 | Out-of-bounds Read vulnerability in Mozilla Firefox A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. | 7.1 |
2021-06-24 | CVE-2021-29967 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. | 8.8 |
2021-03-31 | CVE-2021-23987 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. | 8.8 |
2021-03-31 | CVE-2021-23981 | Out-of-bounds Write vulnerability in Mozilla Firefox A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. | 8.1 |
2021-02-26 | CVE-2021-23978 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. | 8.8 |
2021-02-26 | CVE-2021-23964 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. | 8.8 |
2021-02-26 | CVE-2021-23960 | Unspecified vulnerability in Mozilla Firefox Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. | 8.8 |