Vulnerabilities > Mozilla > Firefox > High

DATE CVE VULNERABILITY TITLE RISK
2021-01-07 CVE-2020-26971 Out-of-bounds Write vulnerability in Mozilla Firefox ESR
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers.
network
low complexity
mozilla CWE-787
8.8
2020-12-09 CVE-2020-26969 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 82.
network
low complexity
mozilla CWE-787
8.8
2020-12-09 CVE-2020-26968 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4.
network
low complexity
mozilla CWE-787
8.8
2020-12-09 CVE-2020-26960 Use After Free vulnerability in Mozilla Firefox
If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2020-12-09 CVE-2020-26959 Use After Free vulnerability in Mozilla Firefox
During browser shutdown, reference decrementing could have occured on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2020-12-09 CVE-2020-26952 Out-of-bounds Write vulnerability in Mozilla Firefox
Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors.
network
low complexity
mozilla CWE-787
8.8
2020-12-09 CVE-2020-26950 Use After Free vulnerability in Mozilla Firefox ESR
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition.
network
low complexity
mozilla CWE-416
8.8
2020-10-22 CVE-2020-15681 Unspecified vulnerability in Mozilla Firefox
When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash.
network
low complexity
mozilla
7.5
2020-10-01 CVE-2020-15675 Use After Free vulnerability in Mozilla Firefox
When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2020-10-01 CVE-2020-15674 Improper Locking vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 80.
network
low complexity
mozilla CWE-667
8.8