Vulnerabilities > Mozilla > Firefox
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-23 | CVE-2024-0750 | A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. | 8.8 |
2024-01-23 | CVE-2024-0751 | Improper Privilege Management vulnerability in multiple products A malicious devtools extension could have been used to escalate privileges. | 8.8 |
2024-01-23 | CVE-2024-0752 | Use After Free vulnerability in Mozilla Firefox A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. | 6.5 |
2024-01-23 | CVE-2024-0753 | In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. | 6.5 |
2024-01-23 | CVE-2024-0754 | Unspecified vulnerability in Mozilla Firefox Some WASM source files could have caused a crash when loaded in devtools. | 6.5 |
2024-01-23 | CVE-2024-0755 | Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. | 8.8 |
2023-12-19 | CVE-2023-6135 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". | 4.3 |
2023-12-19 | CVE-2023-6856 | Out-of-bounds Write vulnerability in multiple products The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. | 8.8 |
2023-12-19 | CVE-2023-6857 | Race Condition vulnerability in multiple products When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. | 5.3 |
2023-12-19 | CVE-2023-6858 | Out-of-bounds Write vulnerability in multiple products Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. | 8.8 |