Vulnerabilities > Mozilla > Firefox > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-09 CVE-2024-9680 Use After Free vulnerability in multiple products
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines.
network
low complexity
mozilla debian CWE-416
critical
9.8
2024-09-03 CVE-2024-8389 Out-of-bounds Write vulnerability in Mozilla Firefox 129.0
Memory safety bugs present in Firefox 129.
network
low complexity
mozilla CWE-787
critical
9.8
2024-09-03 CVE-2024-8387 Out-of-bounds Write vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1.
network
low complexity
mozilla CWE-787
critical
9.8
2024-09-03 CVE-2024-8385 Type Confusion vulnerability in Mozilla Firefox
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability.
network
low complexity
mozilla CWE-843
critical
9.8
2024-09-03 CVE-2024-8384 Out-of-bounds Write vulnerability in Mozilla Firefox ESR
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes.
network
low complexity
mozilla CWE-787
critical
9.8
2024-09-03 CVE-2024-8381 Type Confusion vulnerability in Mozilla Firefox ESR
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment.
network
low complexity
mozilla CWE-843
critical
9.8
2024-08-06 CVE-2024-7519 Out-of-bounds Write vulnerability in Mozilla Firefox
Insufficient checks when processing graphics shared memory could have led to memory corruption.
network
low complexity
mozilla CWE-787
critical
9.6
2024-06-11 CVE-2024-5695 Out-of-bounds Write vulnerability in Mozilla Firefox
If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred.
network
low complexity
mozilla CWE-787
critical
9.8
2023-11-21 CVE-2023-49060 Unspecified vulnerability in Mozilla Firefox
An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the `referrerpolicy` attribute.
network
low complexity
mozilla
critical
9.8
2023-10-25 CVE-2023-5731 Out-of-bounds Write vulnerability in Mozilla Firefox
Memory safety bugs present in Firefox 118.
network
low complexity
mozilla CWE-787
critical
9.8