Vulnerabilities > Mozilla > Firefox > 37.0.1

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-29972 Use After Free vulnerability in Mozilla Firefox
A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library.
network
mozilla CWE-416
6.8
2021-08-05 CVE-2021-29974 Unspecified vulnerability in Mozilla Firefox
When network partitioning was enabled, e.g.
network
high complexity
mozilla
2.6
2021-08-05 CVE-2021-29975 Unspecified vulnerability in Mozilla Firefox
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion.
network
mozilla
4.3
2021-08-05 CVE-2021-29976 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird.
network
low complexity
mozilla CWE-787
8.8
2021-08-05 CVE-2021-29977 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 89.
network
mozilla CWE-787
6.8
2021-06-24 CVE-2021-23994 Missing Initialization of Resource vulnerability in Mozilla Firefox
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.
network
mozilla CWE-909
6.8
2021-06-24 CVE-2021-23995 Operation on a Resource after Expiration or Release vulnerability in Mozilla Firefox
When Responsive Design Mode was enabled, it used references to objects that were previously freed.
network
high complexity
mozilla CWE-672
5.1
2021-06-24 CVE-2021-23996 Unspecified vulnerability in Mozilla Firefox
By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user.
network
mozilla
4.3
2021-06-24 CVE-2021-23997 Incorrect Conversion between Numeric Types vulnerability in Mozilla Firefox
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache.
network
mozilla CWE-681
6.8
2021-06-24 CVE-2021-23998 Insufficient Verification of Data Authenticity vulnerability in Mozilla Firefox
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page.
network
mozilla CWE-345
4.3