Vulnerabilities > Mozilla > Firefox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-26 | CVE-2021-23962 | Unspecified vulnerability in Mozilla Firefox Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. | 8.8 |
| 2021-02-26 | CVE-2021-23961 | Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. | 7.4 |
| 2021-02-26 | CVE-2021-23960 | Unspecified vulnerability in Mozilla Firefox Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. | 8.8 |
| 2021-02-26 | CVE-2021-23957 | Unspecified vulnerability in Mozilla Firefox Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. | 7.4 |
| 2021-02-26 | CVE-2021-23954 | Type Confusion vulnerability in Mozilla Firefox Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. | 8.8 |
| 2021-02-26 | CVE-2021-23976 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. | 8.1 |
| 2021-02-26 | CVE-2021-23972 | Unspecified vulnerability in Mozilla Firefox One phishing tactic on the web is to provide a link with HTTP Auth. | 8.8 |
| 2021-01-07 | CVE-2020-35114 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 83. | 8.8 |
| 2021-01-07 | CVE-2020-35113 | Out-of-bounds Write vulnerability in Mozilla Firefox ESR Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. | 8.8 |
| 2021-01-07 | CVE-2020-35112 | Unspecified vulnerability in Mozilla Firefox If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. | 8.8 |