Vulnerabilities > Mozilla

DATE CVE VULNERABILITY TITLE RISK
2024-06-11 CVE-2024-5698 Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar.
network
low complexity
mozilla CWE-1021
6.1
6.1
2024-02-05 CVE-2024-0953 Open Redirect vulnerability in Mozilla Firefox
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code.
network
low complexity
mozilla CWE-601
6.1
6.1
2024-01-23 CVE-2024-0741 Out-of-bounds Write vulnerability in multiple products
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.
network
low complexity
mozilla debian CWE-787
6.5
6.5
2024-01-23 CVE-2024-0742 It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load.
network
low complexity
mozilla debian
4.3
4.3
2024-01-23 CVE-2024-0743 Unchecked Return Value vulnerability in Mozilla Firefox
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash.
network
low complexity
mozilla CWE-252
7.5
7.5
2024-01-23 CVE-2024-0744 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox
In some circumstances, JIT compiled code could have dereferenced a wild pointer value.
network
low complexity
mozilla CWE-119
7.5
7.5
2024-01-23 CVE-2024-0745 Out-of-bounds Write vulnerability in Mozilla Firefox
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow.
network
low complexity
mozilla CWE-787
8.8
8.8
2024-01-23 CVE-2024-0746 A Linux user opening the print preview dialog could have caused the browser to crash.
network
low complexity
mozilla debian
6.5
6.5
2024-01-23 CVE-2024-0747 When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy.
network
low complexity
mozilla debian
6.5
6.5
2024-01-23 CVE-2024-0748 Unspecified vulnerability in Mozilla Firefox
A compromised content process could have updated the document URI.
network
low complexity
mozilla
4.3
4.3