Vulnerabilities > Mozilla > Firefox > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-17 CVE-2021-29988 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.
network
low complexity
mozilla CWE-787
8.8
2021-08-17 CVE-2021-29989 Out-of-bounds Write vulnerability in Mozilla Thunderbird
Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.12.
network
low complexity
mozilla CWE-787
8.8
2021-08-17 CVE-2021-29990 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 90.
network
low complexity
mozilla CWE-787
8.8
2021-08-05 CVE-2021-29970 Use After Free vulnerability in Mozilla Firefox
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2021-08-05 CVE-2021-29972 Use After Free vulnerability in Mozilla Firefox
A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library.
network
low complexity
mozilla CWE-416
8.8
2021-08-05 CVE-2021-29973 Unspecified vulnerability in Mozilla Firefox
Password autofill was enabled without user interaction on insecure websites on Firefox for Android.
network
low complexity
mozilla
8.8
2021-08-05 CVE-2021-29976 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird.
network
low complexity
mozilla CWE-787
8.8
2021-08-05 CVE-2021-29977 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 89.
network
low complexity
mozilla CWE-787
8.8
2021-06-24 CVE-2021-23994 Missing Initialization of Resource vulnerability in Mozilla Thunderbird
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.
network
low complexity
mozilla CWE-909
8.8
2021-06-24 CVE-2021-23995 Operation on a Resource after Expiration or Release vulnerability in Mozilla Thunderbird
When Responsive Design Mode was enabled, it used references to objects that were previously freed.
network
low complexity
mozilla CWE-672
8.8