Vulnerabilities > Mozilla > Firefox > 86.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-1009 | Use After Free vulnerability in Mozilla Firefox An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. | 9.8 |
| 2025-02-04 | CVE-2025-1010 | Use After Free vulnerability in Mozilla Firefox An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. | 8.8 |
| 2025-02-04 | CVE-2025-1011 | Unspecified vulnerability in Mozilla Firefox A bug in WebAssembly code generation could have lead to a crash. | 8.8 |
| 2025-02-04 | CVE-2025-1012 | Use After Free vulnerability in Mozilla Firefox A race during concurrent delazification could have led to a use-after-free. | 7.5 |
| 2025-02-04 | CVE-2025-1014 | Improper Certificate Validation vulnerability in Mozilla Firefox Certificate length was not properly checked when added to a certificate store. | 8.8 |
| 2025-02-04 | CVE-2025-1016 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. | 9.8 |
| 2025-02-04 | CVE-2025-1017 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. | 9.8 |
| 2025-02-04 | CVE-2025-1018 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. | 5.3 |
| 2025-02-04 | CVE-2025-1019 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The z-order of the browser windows could be manipulated to hide the fullscreen notification. | 4.3 |
| 2025-02-04 | CVE-2025-1020 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 134 and Thunderbird 134. | 9.8 |