Vulnerabilities > Mozilla > Firefox ESR > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2021-23964 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. | 8.8 |
| 2021-02-26 | CVE-2021-23960 | Unspecified vulnerability in Mozilla Firefox Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. | 8.8 |
| 2021-02-26 | CVE-2021-23954 | Type Confusion vulnerability in Mozilla Firefox Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. | 8.8 |
| 2021-01-07 | CVE-2020-35113 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. | 8.8 |
| 2021-01-07 | CVE-2020-35112 | Unspecified vulnerability in Mozilla Firefox If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. | 8.8 |
| 2021-01-07 | CVE-2020-26974 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. | 8.8 |
| 2021-01-07 | CVE-2020-26973 | Unspecified vulnerability in Mozilla Firefox ESR Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. | 8.8 |
| 2021-01-07 | CVE-2020-26971 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. | 8.8 |
| 2020-12-09 | CVE-2020-26968 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. | 8.8 |
| 2020-12-09 | CVE-2020-26960 | Use After Free vulnerability in Mozilla Firefox If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash. | 8.8 |