Vulnerabilities > Mozilla > Focus > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-02 CVE-2023-29536 Use After Free vulnerability in Mozilla products
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash.
network
low complexity
mozilla CWE-416
8.8
2023-06-02 CVE-2023-29537 Race Condition vulnerability in Mozilla Firefox and Focus
Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code.
network
high complexity
mozilla CWE-362
7.5
2023-06-02 CVE-2023-29539 NULL Pointer Dereference vulnerability in Mozilla products
When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character.
network
low complexity
mozilla CWE-476
8.8
2023-06-02 CVE-2023-29541 Improper Encoding or Escaping of Output vulnerability in Mozilla products
Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands.
network
low complexity
mozilla CWE-116
8.8
2023-06-02 CVE-2023-29543 Use After Free vulnerability in Mozilla Firefox and Focus
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector.
network
low complexity
mozilla CWE-416
8.8
2023-06-02 CVE-2023-29550 Unspecified vulnerability in Mozilla products
Memory safety bugs present in Firefox 111 and Firefox ESR 102.9.
network
low complexity
mozilla
8.8
2023-06-02 CVE-2023-29551 Out-of-bounds Write vulnerability in Mozilla Firefox and Focus
Memory safety bugs present in Firefox 111.
network
low complexity
mozilla CWE-787
8.8