Vulnerabilities > Mozilla > Firefox > 21.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7530 | Use After Free vulnerability in Mozilla Firefox Incorrect garbage collection interaction could have led to a use-after-free. | 8.8 |
| 2024-08-06 | CVE-2024-7531 | Unspecified vulnerability in Mozilla Firefox Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. | 6.5 |
| 2024-07-09 | CVE-2024-6608 | Unspecified vulnerability in Mozilla Firefox It was possible to move the cursor using pointerlock from an iframe. | 4.3 |
| 2024-07-09 | CVE-2024-6609 | Unspecified vulnerability in Mozilla Firefox When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. | 8.8 |
| 2024-07-09 | CVE-2024-6610 | Unspecified vulnerability in Mozilla Firefox Form validation popups could capture escape key presses. | 4.3 |
| 2024-06-13 | CVE-2024-38312 | Unspecified vulnerability in Mozilla Firefox When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127. | 6.5 |
| 2024-06-13 | CVE-2024-38313 | Unspecified vulnerability in Mozilla Firefox In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address This vulnerability affects Firefox for iOS < 127. | 4.3 |
| 2024-06-11 | CVE-2024-5689 | Unspecified vulnerability in Mozilla Firefox In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. | 4.3 |
| 2024-06-11 | CVE-2024-5690 | Information Exposure Through Discrepancy vulnerability in multiple products By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. | 4.3 |
| 2024-06-11 | CVE-2024-5691 | Unspecified vulnerability in Mozilla Firefox By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window. | 4.7 |