Vulnerabilities > Mozilla > Firefox > 20.0.1

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2021-29967 Out-of-bounds Write vulnerability in Mozilla Firefox ESR
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11.
network
low complexity
mozilla CWE-787
8.8
2021-06-24 CVE-2021-29968 Out-of-bounds Read vulnerability in Mozilla Firefox
When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur.
network
mozilla CWE-125
5.8
2021-06-15 CVE-2021-30547 Out-of-bounds Write vulnerability in multiple products
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google debian fedoraproject mozilla CWE-787
8.8
2021-03-31 CVE-2021-23988 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 86.
network
mozilla CWE-787
6.8
2021-03-31 CVE-2021-23987 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8.
network
mozilla CWE-787
6.8
2021-03-31 CVE-2021-23986 Origin Validation Error vulnerability in Mozilla Firefox
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL.
network
mozilla CWE-346
4.3
2021-03-31 CVE-2021-23985 Unspecified vulnerability in Mozilla Firefox
If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user.
network
mozilla
4.3
2021-03-31 CVE-2021-23984 Authentication Bypass by Spoofing vulnerability in Mozilla Firefox
A malicious extension could have opened a popup window lacking an address bar.
network
mozilla CWE-290
4.3
2021-03-31 CVE-2021-23983 Out-of-bounds Write vulnerability in Mozilla Firefox
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash.
network
mozilla CWE-787
4.3
2021-03-31 CVE-2021-23982 Inadequate Encryption Strength vulnerability in Mozilla Firefox
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections.
network
mozilla CWE-326
4.3