Vulnerabilities > Mozilla > Firefox > 37.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-11 | CVE-2023-4579 | Unspecified vulnerability in Mozilla Firefox Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. | 3.1 |
2023-09-11 | CVE-2023-4580 | Missing Encryption of Sensitive Data vulnerability in Mozilla Thunderbird Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. | 6.5 |
2023-09-11 | CVE-2023-4581 | Unspecified vulnerability in Mozilla Thunderbird Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. | 4.3 |
2023-09-11 | CVE-2023-4582 | Classic Buffer Overflow vulnerability in Mozilla Firefox Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. | 8.8 |
2023-09-11 | CVE-2023-4583 | Unspecified vulnerability in Mozilla Thunderbird When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. | 7.5 |
2023-09-11 | CVE-2023-4584 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. | 8.8 |
2023-09-11 | CVE-2023-4585 | Out-of-bounds Write vulnerability in Mozilla Thunderbird Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. | 8.8 |
2023-09-11 | CVE-2023-4573 | Use After Free vulnerability in Mozilla Thunderbird When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. | 6.5 |
2023-08-24 | CVE-2022-46884 | Use After Free vulnerability in Mozilla Firefox A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. | 8.8 |
2023-08-01 | CVE-2023-4054 | Unspecified vulnerability in Mozilla Firefox When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. | 5.5 |