Vulnerabilities > Mozilla > Firefox > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-28161 | Improper Preservation of Permissions vulnerability in Mozilla Firefox If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. | 8.8 |
| 2023-06-02 | CVE-2023-28162 | Incorrect Type Conversion or Cast vulnerability in Mozilla Firefox While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. | 8.8 |
| 2023-06-02 | CVE-2023-28176 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. | 8.8 |
| 2023-06-02 | CVE-2023-28177 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 110. | 8.8 |
| 2023-06-02 | CVE-2023-29536 | Use After Free vulnerability in Mozilla products An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. | 8.8 |
| 2023-06-02 | CVE-2023-29537 | Race Condition vulnerability in Mozilla Firefox and Focus Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. | 7.5 |
| 2023-06-02 | CVE-2023-29539 | NULL Pointer Dereference vulnerability in Mozilla products When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. | 8.8 |
| 2023-06-02 | CVE-2023-29541 | Improper Encoding or Escaping of Output vulnerability in Mozilla products Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. | 8.8 |
| 2023-06-02 | CVE-2023-29543 | Use After Free vulnerability in Mozilla Firefox and Focus An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. | 8.8 |
| 2023-06-02 | CVE-2023-29550 | Unspecified vulnerability in Mozilla products Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. | 8.8 |