Vulnerabilities > Mozilla > Firefox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-22 | CVE-2022-1802 | Unspecified vulnerability in Mozilla Thunderbird If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. | 8.8 |
| 2022-12-22 | CVE-2022-22736 | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. | 7.0 |
| 2022-12-22 | CVE-2022-22737 | Race Condition vulnerability in Mozilla Firefox Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. | 7.5 |
| 2022-12-22 | CVE-2022-22738 | Out-of-bounds Write vulnerability in Mozilla Firefox Applying a CSS filter effect could have accessed out of bounds memory. | 8.8 |
| 2022-12-22 | CVE-2022-22740 | Use After Free vulnerability in Mozilla Firefox Certain network request objects were freed too early when releasing a network request handle. | 8.8 |
| 2022-12-22 | CVE-2022-22741 | Unspecified vulnerability in Mozilla Firefox When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. | 7.5 |
| 2022-12-22 | CVE-2022-22744 | Improper Encoding or Escaping of Output vulnerability in Mozilla Firefox The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. | 8.8 |
| 2022-12-22 | CVE-2022-22751 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Calixte Denizet, Kershaw Chang, Christian Holler, Jason Kratzer, Gabriele Svelto, Tyson Smith, Simon Giesecke, and Steve Fink reported memory safety bugs present in Firefox 95 and Firefox ESR 91.4. | 8.8 |
| 2022-12-22 | CVE-2022-22752 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. | 8.8 |
| 2022-12-22 | CVE-2022-22753 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mozilla Firefox A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. | 7.1 |