Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-01 | CVE-2023-4047 | A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. | 8.8 |
| 2023-08-01 | CVE-2023-4048 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. | 7.5 |
| 2023-08-01 | CVE-2023-4049 | Race Condition vulnerability in multiple products Race conditions in reference counting code were found through code inspection. | 5.9 |
| 2023-08-01 | CVE-2023-4050 | Out-of-bounds Write vulnerability in multiple products In some cases, an untrusted input stream was copied to a stack buffer without checking its size. | 7.5 |
| 2023-08-01 | CVE-2023-4051 | Unspecified vulnerability in Mozilla Firefox A website could have obscured the full screen notification by using the file open dialog. | 7.5 |
| 2023-08-01 | CVE-2023-4052 | Link Following vulnerability in Mozilla Firefox The Firefox updater created a directory writable by non-privileged users. | 6.5 |
| 2023-08-01 | CVE-2023-4053 | Link Following vulnerability in Mozilla Firefox A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. | 6.5 |
| 2023-07-24 | CVE-2023-3417 | Thunderbird allowed the Text Direction Override Unicode Character in filenames. | 7.5 |
| 2023-07-12 | CVE-2023-37455 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. | 5.4 |
| 2023-07-12 | CVE-2023-37456 | Unspecified vulnerability in Mozilla Firefox The session restore helper crashed whenever there was no parameter sent to the message handler. | 6.5 |