Vulnerabilities > Mozilla > Firefox

DATE CVE VULNERABILITY TITLE RISK
2024-06-11 CVE-2024-5689 Unspecified vulnerability in Mozilla Firefox
In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing.
network
low complexity
mozilla
4.3
2024-06-11 CVE-2024-5690 Information Exposure Through Discrepancy vulnerability in multiple products
By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system.
network
low complexity
mozilla debian CWE-203
4.3
2024-06-11 CVE-2024-5691 Unspecified vulnerability in Mozilla Firefox
By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window.
network
low complexity
mozilla
4.7
2024-06-11 CVE-2024-5694 Use After Free vulnerability in Mozilla Firefox
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap.
network
low complexity
mozilla CWE-416
7.5
2024-06-11 CVE-2024-5695 Out-of-bounds Write vulnerability in Mozilla Firefox
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred.
network
low complexity
mozilla CWE-787
critical
9.8
2024-06-11 CVE-2024-5697 Unspecified vulnerability in Mozilla Firefox
A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox.
network
low complexity
mozilla
4.3
2024-06-11 CVE-2024-5698 Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar.
network
low complexity
mozilla CWE-1021
6.1
2024-02-05 CVE-2024-0953 Open Redirect vulnerability in Mozilla Firefox
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code.
network
low complexity
mozilla CWE-601
6.1
2024-01-23 CVE-2024-0741 Out-of-bounds Write vulnerability in multiple products
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.
network
low complexity
mozilla debian CWE-787
6.5
2024-01-23 CVE-2024-0742 It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load.
network
low complexity
mozilla debian
4.3