Vulnerabilities > Mozilla > Firefox > 3.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-09-27 | CVE-2023-5170 | Memory Leak vulnerability in Mozilla Firefox In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. | 7.4 |
| 2023-09-27 | CVE-2023-5172 | Use After Free vulnerability in Mozilla Firefox A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. | 9.8 |
| 2023-09-27 | CVE-2023-5173 | Integer Overflow or Wraparound vulnerability in Mozilla Firefox In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. | 7.5 |
| 2023-09-27 | CVE-2023-5175 | Use After Free vulnerability in Mozilla Firefox During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. | 9.8 |
| 2023-09-12 | CVE-2023-4863 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | 8.8 |
| 2023-09-11 | CVE-2023-4579 | Unspecified vulnerability in Mozilla Firefox Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. | 3.1 |
| 2023-09-11 | CVE-2023-4585 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. | 8.8 |
| 2023-08-01 | CVE-2023-4058 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 115. | 9.8 |
| 2023-07-05 | CVE-2023-37203 | Unspecified vulnerability in Mozilla Firefox Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. | 7.8 |