Vulnerabilities > Mozilla > Firefox > 91.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-03 | CVE-2024-8382 | Unspecified vulnerability in Mozilla Firefox ESR Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. | 8.8 |
| 2024-09-03 | CVE-2024-8383 | Unspecified vulnerability in Mozilla Firefox ESR Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. | 7.5 |
| 2024-09-03 | CVE-2024-8386 | Open Redirect vulnerability in Mozilla Firefox If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. | 6.1 |
| 2024-09-03 | CVE-2024-8388 | Unspecified vulnerability in Mozilla Firefox Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. | 5.3 |
| 2024-08-06 | CVE-2024-7518 | Unspecified vulnerability in Mozilla Firefox Select options could obscure the fullscreen notification dialog. | 6.5 |
| 2024-08-06 | CVE-2024-7520 | Type Confusion vulnerability in Mozilla Firefox A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. | 8.8 |
| 2024-08-06 | CVE-2024-7524 | Cross-site Scripting vulnerability in Mozilla Firefox Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. | 6.1 |
| 2024-08-06 | CVE-2024-7527 | Use After Free vulnerability in Mozilla Firefox Unexpected marking work at the start of sweeping could have led to a use-after-free. | 8.8 |
| 2024-08-06 | CVE-2024-7531 | Unspecified vulnerability in Mozilla Firefox Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. | 6.5 |
| 2024-07-09 | CVE-2024-6608 | Unspecified vulnerability in Mozilla Firefox It was possible to move the cursor using pointerlock from an iframe. | 4.3 |