Vulnerabilities > Mozilla
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-02 | CVE-2011-3656 | Cross-site Scripting vulnerability in Mozilla Firefox Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7 allows remote attackers to inject arbitrary web script or HTML via vectors involving HTTP 0.9 errors, non-default ports, and content-sniffing. | 6.1 |
2021-05-27 | CVE-2020-12403 | Out-of-bounds Read vulnerability in Mozilla NSS A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. | 9.1 |
2021-05-17 | CVE-2007-5967 | Unspecified vulnerability in Mozilla Firefox A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval. | 6.5 |
2021-03-31 | CVE-2021-23988 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 86. | 8.8 |
2021-03-31 | CVE-2021-23987 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. | 8.8 |
2021-03-31 | CVE-2021-23986 | Origin Validation Error vulnerability in Mozilla Firefox A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. | 6.5 |
2021-03-31 | CVE-2021-23985 | Unspecified vulnerability in Mozilla Firefox If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. | 6.5 |
2021-03-31 | CVE-2021-23984 | Authentication Bypass by Spoofing vulnerability in Mozilla Firefox A malicious extension could have opened a popup window lacking an address bar. | 6.5 |
2021-03-31 | CVE-2021-23983 | Out-of-bounds Write vulnerability in Mozilla Firefox By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. | 6.5 |
2021-03-31 | CVE-2021-23982 | Inadequate Encryption Strength vulnerability in Mozilla Firefox Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. | 6.5 |