Vulnerabilities > Mozilla > Firefox > High

DATE CVE VULNERABILITY TITLE RISK
2021-06-24 CVE-2021-23997 Incorrect Conversion between Numeric Types vulnerability in Mozilla Firefox
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache.
network
low complexity
mozilla CWE-681
8.8
2021-06-24 CVE-2021-23999 Incorrect Comparison vulnerability in Mozilla Thunderbird
If a Blob URL was loaded through some unusual user interaction, it could have been loaded by the System Principal and granted additional privileges that should not be granted to web content.
network
low complexity
mozilla CWE-697
8.8
2021-06-24 CVE-2021-24002 Injection vulnerability in Mozilla Thunderbird
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server.
network
low complexity
mozilla CWE-74
8.8
2021-06-24 CVE-2021-29946 Integer Overflow or Wraparound vulnerability in Mozilla Thunderbird
Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header.
network
low complexity
mozilla CWE-190
8.8
2021-06-24 CVE-2021-29947 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 87.
network
low complexity
mozilla CWE-787
8.8
2021-06-24 CVE-2021-29952 Race Condition vulnerability in Mozilla Firefox
When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code.
network
high complexity
mozilla CWE-362
7.5
2021-06-24 CVE-2021-29964 Out-of-bounds Read vulnerability in Mozilla Firefox
A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read.
local
low complexity
mozilla CWE-125
7.1
2021-06-24 CVE-2021-29966 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 88.
network
low complexity
mozilla CWE-787
8.8
2021-06-24 CVE-2021-29967 Out-of-bounds Write vulnerability in Mozilla Firefox ESR
Mozilla developers reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11.
network
low complexity
mozilla CWE-787
8.8
2021-06-24 CVE-2021-29968 Out-of-bounds Read vulnerability in Mozilla Firefox
When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur.
network
low complexity
mozilla CWE-125
8.1