Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-31 | CVE-2021-23981 | Out-of-bounds Write vulnerability in Mozilla Firefox A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. | 8.1 |
| 2021-03-08 | CVE-2021-21354 | Unspecified vulnerability in Mozilla Pollbot Pollbot is open source software which "frees its human masters from the toilsome task of polling for the state of things during the Firefox release process." In Pollbot before version 1.4.4 there is an open redirection vulnerability in the path of "https://pollbot.services.mozilla.com/". | 6.1 |
| 2021-02-26 | CVE-2021-23979 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 85. | 8.8 |
| 2021-02-26 | CVE-2021-23978 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. | 8.8 |
| 2021-02-26 | CVE-2021-23965 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 84. | 8.8 |
| 2021-02-26 | CVE-2021-23964 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. | 8.8 |
| 2021-02-26 | CVE-2021-23977 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mozilla Firefox Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. | 5.3 |
| 2021-02-26 | CVE-2021-23963 | Improper Preservation of Permissions vulnerability in Mozilla Firefox When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. | 4.3 |
| 2021-02-26 | CVE-2021-23962 | Unspecified vulnerability in Mozilla Firefox Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. | 8.8 |
| 2021-02-26 | CVE-2021-23961 | Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. | 7.4 |