Vulnerabilities > Mozilla > Firefox > 86.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-24002 | Injection vulnerability in Mozilla Thunderbird When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. | 8.8 |
| 2021-06-24 | CVE-2021-29944 | Cross-site Scripting vulnerability in Mozilla Firefox Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. | 6.1 |
| 2021-06-24 | CVE-2021-29946 | Integer Overflow or Wraparound vulnerability in Mozilla Thunderbird Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. | 8.8 |
| 2021-06-24 | CVE-2021-29947 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 87. | 8.8 |
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.5 |
| 2021-06-24 | CVE-2021-29955 | Injection vulnerability in Mozilla Firefox A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. | 5.3 |
| 2021-06-24 | CVE-2021-29959 | Incorrect Authorization vulnerability in Mozilla Firefox When a user has already allowed a website to access microphone and camera, disabling camera sharing would not fully prevent the website from re-enabling it without an additional prompt. | 4.3 |
| 2021-06-24 | CVE-2021-29960 | Incorrect Resource Transfer Between Spheres vulnerability in Mozilla Firefox Firefox used to cache the last filename used for printing a file. | 4.3 |
| 2021-06-24 | CVE-2021-29961 | Incorrect Authorization vulnerability in Mozilla Firefox When styling and rendering an oversized `<select>` element, Firefox did not apply correct clipping which allowed an attacker to paint over the user interface. | 4.3 |
| 2021-06-24 | CVE-2021-29964 | Out-of-bounds Read vulnerability in Mozilla Firefox A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. | 7.1 |