Vulnerabilities > Mozilla > Firefox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-1529 | Unspecified vulnerability in Mozilla Thunderbird An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. | 8.8 |
| 2022-12-22 | CVE-2022-1802 | Unspecified vulnerability in Mozilla Thunderbird If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. | 8.8 |
| 2022-12-22 | CVE-2022-1887 | SQL Injection vulnerability in Mozilla Firefox The search term could have been specified externally to trigger SQL injection. | 9.8 |
| 2022-12-22 | CVE-2022-22736 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. | 7.0 |
| 2022-12-22 | CVE-2022-22737 | Race Condition vulnerability in Mozilla Firefox Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. | 7.5 |
| 2022-12-22 | CVE-2022-22738 | Out-of-bounds Write vulnerability in Mozilla Firefox Applying a CSS filter effect could have accessed out of bounds memory. | 8.8 |
| 2022-12-22 | CVE-2022-22739 | Unspecified vulnerability in Mozilla Firefox Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol. | 6.5 |
| 2022-12-22 | CVE-2022-22740 | Use After Free vulnerability in Mozilla Firefox Certain network request objects were freed too early when releasing a network request handle. | 8.8 |
| 2022-12-22 | CVE-2022-22741 | Unspecified vulnerability in Mozilla Firefox When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. | 7.5 |
| 2022-12-22 | CVE-2022-22742 | Out-of-bounds Read vulnerability in Mozilla Firefox When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. | 6.5 |