Vulnerabilities > Mozilla > Firefox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-03 | CVE-2024-8386 | Open Redirect vulnerability in Mozilla Firefox If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. | 6.1 |
| 2024-09-03 | CVE-2024-8388 | Unspecified vulnerability in Mozilla Firefox Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. | 5.3 |
| 2024-08-06 | CVE-2024-43111 | Cross-site Scripting vulnerability in Mozilla Firefox Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-43112 | Cross-site Scripting vulnerability in Mozilla Firefox Long pressing on a download link could potentially provide a means for cross-site scripting This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-43113 | Cross-site Scripting vulnerability in Mozilla Firefox The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS < 129. | 6.1 |
| 2024-08-06 | CVE-2024-7518 | Unspecified vulnerability in Mozilla Firefox Select options could obscure the fullscreen notification dialog. | 6.5 |
| 2024-08-06 | CVE-2024-7524 | Cross-site Scripting vulnerability in Mozilla Firefox Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. | 6.1 |
| 2024-08-06 | CVE-2024-7526 | Use of Uninitialized Resource vulnerability in Mozilla Firefox ANGLE failed to initialize parameters which lead to reading from uninitialized memory. | 6.5 |
| 2024-08-06 | CVE-2024-7529 | Unspecified vulnerability in Mozilla Firefox The date picker could partially obscure security prompts. | 6.5 |
| 2024-08-06 | CVE-2024-7531 | Unspecified vulnerability in Mozilla Firefox Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. | 6.5 |