Vulnerabilities > Mozilla > Firefox

DATE CVE VULNERABILITY TITLE RISK
2023-09-11 CVE-2023-4584 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1.
network
low complexity
mozilla CWE-787
8.8
2023-09-11 CVE-2023-4585 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1.
network
low complexity
mozilla CWE-787
8.8
2023-09-11 CVE-2023-4573 Use After Free vulnerability in Mozilla Thunderbird
When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash.
network
low complexity
mozilla CWE-416
6.5
2023-08-24 CVE-2022-46884 Use After Free vulnerability in Mozilla Firefox
A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time.
network
low complexity
mozilla CWE-416
8.8
2023-08-01 CVE-2023-4054 Unspecified vulnerability in Mozilla Firefox
When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code.
local
low complexity
mozilla
5.5
2023-08-01 CVE-2023-4055 When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state.
network
low complexity
mozilla debian
7.5
2023-08-01 CVE-2023-4056 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13.
network
low complexity
mozilla debian CWE-787
critical
9.8
2023-08-01 CVE-2023-4057 Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0.
network
low complexity
mozilla CWE-787
critical
9.8
2023-08-01 CVE-2023-4058 Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 115.
network
low complexity
mozilla CWE-787
critical
9.8
2023-08-01 CVE-2023-4045 Origin Validation Error vulnerability in multiple products
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy.
network
low complexity
mozilla debian CWE-346
5.3