Vulnerabilities > Mozilla > Firefox > 86.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-29976 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. | 8.8 |
| 2021-08-05 | CVE-2021-29977 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 89. | 8.8 |
| 2021-06-24 | CVE-2021-23994 | Missing Initialization of Resource vulnerability in Mozilla Thunderbird A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. | 8.8 |
| 2021-06-24 | CVE-2021-23995 | Operation on a Resource after Expiration or Release vulnerability in Mozilla Thunderbird When Responsive Design Mode was enabled, it used references to objects that were previously freed. | 8.8 |
| 2021-06-24 | CVE-2021-23996 | Unspecified vulnerability in Mozilla Firefox By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. | 6.5 |
| 2021-06-24 | CVE-2021-23997 | Incorrect Conversion between Numeric Types vulnerability in Mozilla Firefox Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. | 8.8 |
| 2021-06-24 | CVE-2021-23998 | Insufficient Verification of Data Authenticity vulnerability in Mozilla Thunderbird Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. | 6.5 |
| 2021-06-24 | CVE-2021-23999 | Incorrect Comparison vulnerability in Mozilla Thunderbird If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content. | 8.8 |
| 2021-06-24 | CVE-2021-24000 | Race Condition vulnerability in Mozilla Firefox A race condition with requestPointerLock() and setTimeout() could have resulted in a user interacting with one tab when they believed they were on a separate tab. | 3.1 |
| 2021-06-24 | CVE-2021-24001 | Exposure of Resource to Wrong Sphere vulnerability in Mozilla Firefox A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. | 4.3 |