Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-24 | CVE-2021-29944 | Cross-site Scripting vulnerability in Mozilla Firefox Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. | 6.1 |
| 2021-06-24 | CVE-2021-29945 | Incorrect Calculation vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. | 6.5 |
| 2021-06-24 | CVE-2021-29946 | Integer Overflow or Wraparound vulnerability in Mozilla Thunderbird Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. | 8.8 |
| 2021-06-24 | CVE-2021-29947 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 87. | 8.8 |
| 2021-06-24 | CVE-2021-29948 | Race Condition vulnerability in Mozilla Thunderbird Signatures are written to disk before and read during verification, which might be subject to a race condition when a malicious local process or user is replacing the file. | 2.5 |
| 2021-06-24 | CVE-2021-29949 | Uncontrolled Search Path Element vulnerability in Mozilla Thunderbird When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. | 7.8 |
| 2021-06-24 | CVE-2021-29950 | Cleartext Storage of Sensitive Information vulnerability in Mozilla Thunderbird Thunderbird unprotects a secret OpenPGP key prior to using it for a decryption, signing or key import task. | 7.5 |
| 2021-06-24 | CVE-2021-29951 | Improper Privilege Management vulnerability in Mozilla Firefox The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. | 6.5 |
| 2021-06-24 | CVE-2021-29952 | Race Condition vulnerability in Mozilla Firefox When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. | 7.5 |
| 2021-06-24 | CVE-2021-29953 | Cross-site Scripting vulnerability in Mozilla Firefox A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. | 6.1 |