Vulnerabilities > Mozilla

DATE CVE VULNERABILITY TITLE RISK
2024-01-23 CVE-2024-0750 A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions.
network
low complexity
mozilla debian
8.8
2024-01-23 CVE-2024-0751 Improper Privilege Management vulnerability in multiple products
A malicious devtools extension could have been used to escalate privileges.
network
low complexity
mozilla debian CWE-269
8.8
2024-01-23 CVE-2024-0752 Use After Free vulnerability in Mozilla Firefox
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system.
network
low complexity
mozilla CWE-416
6.5
2024-01-23 CVE-2024-0753 In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain.
network
low complexity
mozilla debian
6.5
2024-01-23 CVE-2024-0754 Unspecified vulnerability in Mozilla Firefox
Some WASM source files could have caused a crash when loaded in devtools.
network
low complexity
mozilla
6.5
2024-01-23 CVE-2024-0755 Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6.
network
low complexity
mozilla debian
8.8
2024-01-22 CVE-2024-0605 Race Condition vulnerability in Mozilla Firefox Focus
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar.
network
high complexity
mozilla CWE-362
7.5
2024-01-22 CVE-2024-0606 Cross-site Scripting vulnerability in Mozilla Firefox Focus
An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage.
network
low complexity
mozilla CWE-79
6.1
2023-12-19 CVE-2023-50761 The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time.
network
low complexity
mozilla debian
4.3
2023-12-19 CVE-2023-50762 When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user.
network
low complexity
mozilla debian
4.3