Vulnerabilities > Mozilla > Firefox > High

DATE CVE VULNERABILITY TITLE RISK
2023-08-24 CVE-2022-46884 Use After Free vulnerability in Mozilla Firefox
A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time.
network
low complexity
mozilla CWE-416
8.8
2023-08-01 CVE-2023-4055 When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state.
network
low complexity
mozilla debian
7.5
2023-08-01 CVE-2023-4047 A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions.
network
low complexity
mozilla debian
8.8
2023-08-01 CVE-2023-4048 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations.
network
low complexity
mozilla debian CWE-125
7.5
2023-08-01 CVE-2023-4050 Out-of-bounds Write vulnerability in multiple products
In some cases, an untrusted input stream was copied to a stack buffer without checking its size.
network
low complexity
mozilla debian CWE-787
7.5
2023-08-01 CVE-2023-4051 Unspecified vulnerability in Mozilla Firefox
A website could have obscured the full screen notification by using the file open dialog.
network
low complexity
mozilla
7.5
2023-07-12 CVE-2023-3600 Use After Free vulnerability in Mozilla Firefox
During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2023-07-05 CVE-2023-37203 Unspecified vulnerability in Mozilla Firefox
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files.
local
low complexity
mozilla
7.8
2023-07-05 CVE-2023-37209 Use After Free vulnerability in Mozilla Firefox
A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained.
network
low complexity
mozilla CWE-416
8.8
2023-07-05 CVE-2023-37211 Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12.
network
low complexity
mozilla debian CWE-787
8.8