Vulnerabilities > Mozilla > Firefox > 96.0

DATE CVE VULNERABILITY TITLE RISK
2023-08-01 CVE-2023-4051 Unspecified vulnerability in Mozilla Firefox
A website could have obscured the full screen notification by using the file open dialog.
network
low complexity
mozilla
7.5
2023-08-01 CVE-2023-4052 Link Following vulnerability in Mozilla Firefox
The Firefox updater created a directory writable by non-privileged users.
network
low complexity
mozilla CWE-59
6.5
2023-08-01 CVE-2023-4053 Link Following vulnerability in Mozilla Firefox
A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL.
network
low complexity
mozilla CWE-59
6.5
2023-07-12 CVE-2023-3600 Use After Free vulnerability in Mozilla Firefox
During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2023-07-05 CVE-2023-37203 Unspecified vulnerability in Mozilla Firefox
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files.
local
low complexity
mozilla
7.8
2023-07-05 CVE-2023-37204 Unspecified vulnerability in Mozilla Firefox
A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function.
network
low complexity
mozilla
6.5
2023-07-05 CVE-2023-37205 Unspecified vulnerability in Mozilla Firefox
The use of RTL Arabic characters in the address bar may have allowed for URL spoofing.
network
low complexity
mozilla
6.5
2023-07-05 CVE-2023-37206 Link Following vulnerability in Mozilla Firefox
Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website.
network
low complexity
mozilla CWE-59
6.5
2023-07-05 CVE-2023-37209 Use After Free vulnerability in Mozilla Firefox
A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained.
network
low complexity
mozilla CWE-416
8.8
2023-07-05 CVE-2023-37210 Unspecified vulnerability in Mozilla Firefox
A website could prevent a user from exiting full-screen mode via alert and prompt calls.
network
low complexity
mozilla
6.5