Vulnerabilities > Mozilla > Firefox
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-25 | CVE-2023-5725 | A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. | 4.3 |
2023-10-25 | CVE-2023-5726 | Unspecified vulnerability in Mozilla Firefox A website could have obscured the full screen notification by using the file open dialog. | 4.3 |
2023-10-25 | CVE-2023-5727 | Unspecified vulnerability in Mozilla Firefox The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. | 6.5 |
2023-10-25 | CVE-2023-5728 | During garbage collection extra operations were performed on a object that should not be. | 7.5 |
2023-10-25 | CVE-2023-5729 | Unspecified vulnerability in Mozilla Firefox A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. | 4.3 |
2023-10-25 | CVE-2023-5730 | Out-of-bounds Write vulnerability in multiple products Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. | 9.8 |
2023-10-25 | CVE-2023-5731 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 118. | 9.8 |
2023-10-25 | CVE-2023-5732 | An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. | 6.5 |
2023-10-25 | CVE-2023-5758 | Cross-site Scripting vulnerability in Mozilla Firefox When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. | 6.1 |
2023-09-28 | CVE-2023-5217 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity webmproject microsoft mozilla fedoraproject debian apple google redhat CWE-787 | 8.8 |