Vulnerabilities > Mozilla > Firefox ESR > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-21 | CVE-2023-6207 | Use After Free vulnerability in multiple products Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. | 8.8 |
| 2023-11-21 | CVE-2023-6208 | When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X11. | 8.8 |
| 2023-11-21 | CVE-2023-6212 | Out-of-bounds Write vulnerability in multiple products Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. | 8.8 |
| 2023-10-25 | CVE-2023-5724 | Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. | 7.5 |
| 2023-10-25 | CVE-2023-5728 | During garbage collection extra operations were performed on a object that should not be. | 7.5 |
| 2023-09-11 | CVE-2023-4576 | Integer Overflow or Wraparound vulnerability in Mozilla Firefox On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. | 8.6 |
| 2023-09-11 | CVE-2023-4582 | Classic Buffer Overflow vulnerability in Mozilla Firefox Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. | 8.8 |
| 2023-09-11 | CVE-2023-4583 | Unspecified vulnerability in Mozilla Thunderbird When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. | 7.5 |
| 2023-09-11 | CVE-2023-4584 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. | 8.8 |
| 2023-09-11 | CVE-2023-4585 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. | 8.8 |