Vulnerabilities > Mozilla > Firefox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-03 | CVE-2024-8382 | Unspecified vulnerability in Mozilla Firefox ESR Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. | 8.8 |
| 2024-09-03 | CVE-2024-8383 | Unspecified vulnerability in Mozilla Firefox ESR Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. | 7.5 |
| 2024-09-03 | CVE-2024-8384 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. | 9.8 |
| 2024-09-03 | CVE-2024-8385 | Type Confusion vulnerability in Mozilla Firefox A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. | 9.8 |
| 2024-09-03 | CVE-2024-8386 | Open Redirect vulnerability in Mozilla Firefox If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. | 6.1 |
| 2024-09-03 | CVE-2024-8387 | Out-of-bounds Write vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. | 9.8 |
| 2024-09-03 | CVE-2024-8388 | Unspecified vulnerability in Mozilla Firefox Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. | 5.3 |
| 2024-09-03 | CVE-2024-8389 | Out-of-bounds Write vulnerability in Mozilla Firefox 129.0 Memory safety bugs present in Firefox 129. | 9.8 |
| 2024-08-06 | CVE-2024-43111 | Cross-site Scripting vulnerability in Mozilla Firefox Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-43112 | Cross-site Scripting vulnerability in Mozilla Firefox Long pressing on a download link could potentially provide a means for cross-site scripting This vulnerability affects Firefox for iOS < 129. | 6.1 |