Vulnerabilities > Mozilla > Firefox > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2024-0754 Unspecified vulnerability in Mozilla Firefox
Some WASM source files could have caused a crash when loaded in devtools.
network
low complexity
mozilla
6.5
2023-12-19 CVE-2023-6135 Information Exposure Through Discrepancy vulnerability in Mozilla Firefox
Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva".
network
low complexity
mozilla CWE-203
4.3
2023-12-19 CVE-2023-6857 Race Condition vulnerability in multiple products
When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary.
network
high complexity
mozilla debian CWE-362
5.3
2023-12-19 CVE-2023-6860 The `VideoBridge` allowed any content process to use textures produced by remote decoders.
network
low complexity
mozilla debian
6.5
2023-12-19 CVE-2023-6865 `EncryptingOutputStream` was susceptible to exposing uninitialized data.
network
low complexity
mozilla debian
6.5
2023-12-19 CVE-2023-6867 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts.
network
low complexity
mozilla debian CWE-1021
6.1
2023-12-19 CVE-2023-6868 Unspecified vulnerability in Mozilla Firefox
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one.
network
low complexity
mozilla
4.3
2023-12-19 CVE-2023-6869 Unspecified vulnerability in Mozilla Firefox
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe.
network
low complexity
mozilla
6.5
2023-12-19 CVE-2023-6870 Unspecified vulnerability in Mozilla Firefox
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox.
network
low complexity
mozilla
4.3
2023-12-19 CVE-2023-6871 Unspecified vulnerability in Mozilla Firefox
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler.
network
low complexity
mozilla
4.3