Vulnerabilities > Mozilla > Firefox > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-08 | CVE-2021-38504 | Use After Free vulnerability in multiple products When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. | 8.8 |
2021-12-08 | CVE-2021-38510 | Unspecified vulnerability in Mozilla Firefox The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. | 8.8 |
2021-12-08 | CVE-2021-43534 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. | 8.8 |
2021-12-08 | CVE-2021-43535 | Use After Free vulnerability in multiple products A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. | 8.8 |
2021-12-08 | CVE-2021-43537 | Incorrect Type Conversion or Cast vulnerability in multiple products An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash. | 8.8 |
2021-12-08 | CVE-2021-43539 | Use After Free vulnerability in multiple products Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. | 8.8 |
2021-11-03 | CVE-2021-29991 | HTTP Request Smuggling vulnerability in Mozilla Thunderbird Firefox incorrectly accepted a newline in a HTTP/3 header, interpretting it as two separate headers. | 8.1 |
2021-11-03 | CVE-2021-29993 | Unspecified vulnerability in Mozilla Firefox Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs. | 8.1 |
2021-11-03 | CVE-2021-38493 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. | 8.8 |
2021-11-03 | CVE-2021-38494 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 91. | 8.8 |