Vulnerabilities > Mozilla > Firefox > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-20 | CVE-2024-1552 | Incorrect Conversion between Numeric Types vulnerability in multiple products Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. | 7.5 |
2024-01-23 | CVE-2024-0743 | Unchecked Return Value vulnerability in Mozilla Firefox An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. | 7.5 |
2024-01-23 | CVE-2024-0744 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox In some circumstances, JIT compiled code could have dereferenced a wild pointer value. | 7.5 |
2024-01-23 | CVE-2024-0745 | Out-of-bounds Write vulnerability in Mozilla Firefox The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. | 8.8 |
2024-01-23 | CVE-2024-0750 | A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. | 8.8 |
2024-01-23 | CVE-2024-0751 | Improper Privilege Management vulnerability in multiple products A malicious devtools extension could have been used to escalate privileges. | 8.8 |
2024-01-23 | CVE-2024-0755 | Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. | 8.8 |
2023-12-19 | CVE-2023-6856 | Out-of-bounds Write vulnerability in multiple products The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. | 8.8 |
2023-12-19 | CVE-2023-6858 | Out-of-bounds Write vulnerability in multiple products Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. | 8.8 |
2023-12-19 | CVE-2023-6859 | Use After Free vulnerability in multiple products A use-after-free condition affected TLS socket creation when under memory pressure. | 8.8 |