Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-11 | CVE-2024-5694 | Use After Free vulnerability in Mozilla Firefox An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap. | 7.5 |
| 2024-06-11 | CVE-2024-5695 | Out-of-bounds Write vulnerability in Mozilla Firefox If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could have occurred. | 9.8 |
| 2024-06-11 | CVE-2024-5697 | Unspecified vulnerability in Mozilla Firefox A website was able to detect when a user took a screenshot of a page using the built-in Screenshot functionality in Firefox. | 4.3 |
| 2024-06-11 | CVE-2024-5698 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. | 6.1 |
| 2024-05-14 | CVE-2024-4367 | A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. | 8.8 |
| 2024-05-14 | CVE-2024-4774 | Unspecified vulnerability in Mozilla Firefox The `ShmemCharMapHashEntry()` code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. | 6.5 |
| 2024-05-14 | CVE-2024-4777 | Out-of-bounds Write vulnerability in multiple products Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. | 8.8 |
| 2024-04-16 | CVE-2024-3863 | Unspecified vulnerability in Mozilla Thunderbird The executable file warning was not presented when downloading .xrm-ms files. | 9.8 |
| 2024-02-22 | CVE-2024-1563 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mozilla Firefox Focus An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. | 8.1 |
| 2024-02-22 | CVE-2024-26284 | Cross-site Scripting vulnerability in Mozilla Firefox Focus Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website. | 6.1 |