Vulnerabilities > Mozilla > Firefox > 3.0.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-06 | CVE-2024-7522 | Out-of-bounds Read vulnerability in Mozilla Firefox Editor code failed to check an attribute value. | 8.8 |
2024-08-06 | CVE-2024-7524 | Cross-site Scripting vulnerability in Mozilla Firefox Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. | 6.1 |
2024-08-06 | CVE-2024-7525 | Incorrect Default Permissions vulnerability in Mozilla Firefox It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. | 8.1 |
2024-08-06 | CVE-2024-7526 | Use of Uninitialized Resource vulnerability in Mozilla Firefox ANGLE failed to initialize parameters which lead to reading from uninitialized memory. | 6.5 |
2024-08-06 | CVE-2024-7527 | Use After Free vulnerability in Mozilla Firefox Unexpected marking work at the start of sweeping could have led to a use-after-free. | 8.8 |
2024-08-06 | CVE-2024-7528 | Use After Free vulnerability in Mozilla Firefox Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. | 8.8 |
2024-08-06 | CVE-2024-7529 | Unspecified vulnerability in Mozilla Firefox The date picker could partially obscure security prompts. | 6.5 |
2024-08-06 | CVE-2024-7530 | Use After Free vulnerability in Mozilla Firefox Incorrect garbage collection interaction could have led to a use-after-free. | 8.8 |
2024-08-06 | CVE-2024-7531 | Unspecified vulnerability in Mozilla Firefox Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. | 6.5 |
2024-07-09 | CVE-2024-6608 | Unspecified vulnerability in Mozilla Firefox It was possible to move the cursor using pointerlock from an iframe. | 4.3 |