Vulnerabilities > Mozilla > Firefox

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2024-0750 A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions.
network
low complexity
mozilla debian
8.8
2024-01-23 CVE-2024-0751 Improper Privilege Management vulnerability in multiple products
A malicious devtools extension could have been used to escalate privileges.
network
low complexity
mozilla debian CWE-269
8.8
2024-01-23 CVE-2024-0752 Use After Free vulnerability in Mozilla Firefox
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system.
network
low complexity
mozilla CWE-416
6.5
2024-01-23 CVE-2024-0753 In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain.
network
low complexity
mozilla debian
6.5
2024-01-23 CVE-2024-0754 Unspecified vulnerability in Mozilla Firefox
Some WASM source files could have caused a crash when loaded in devtools.
network
low complexity
mozilla
6.5
2024-01-23 CVE-2024-0755 Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6.
network
low complexity
mozilla debian
8.8
2023-12-19 CVE-2023-6135 Information Exposure Through Discrepancy vulnerability in Mozilla Firefox
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva".
network
low complexity
mozilla CWE-203
4.3
2023-12-19 CVE-2023-6856 Out-of-bounds Write vulnerability in multiple products
The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver.
network
low complexity
mozilla debian CWE-787
8.8
2023-12-19 CVE-2023-6857 Race Condition vulnerability in multiple products
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary.
network
high complexity
mozilla debian CWE-362
5.3
2023-12-19 CVE-2023-6858 Out-of-bounds Write vulnerability in multiple products
Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling.
network
low complexity
mozilla debian CWE-787
8.8