Vulnerabilities > Mozilla > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-24 | CVE-2020-6825 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. | 9.8 |
| 2020-04-24 | CVE-2020-6823 | Missing Authorization vulnerability in Mozilla Firefox A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. | 9.8 |
| 2020-03-25 | CVE-2020-6815 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers reported memory safety and script safety bugs present in Firefox 73. | 9.8 |
| 2020-03-25 | CVE-2020-6814 | Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. | 9.8 |
| 2020-01-08 | CVE-2019-9812 | Unspecified vulnerability in Mozilla Firefox Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. | 9.3 |
| 2019-09-27 | CVE-2019-11734 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 68. | 9.8 |
| 2019-09-27 | CVE-2019-11733 | Improper Authentication vulnerability in Mozilla Firefox When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. | 9.8 |
| 2019-07-23 | CVE-2019-9820 | Use After Free vulnerability in Mozilla Firefox ESR A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. | 9.8 |
| 2019-07-23 | CVE-2019-9819 | Type Confusion vulnerability in Mozilla Thunderbird A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash. | 9.8 |
| 2019-07-23 | CVE-2019-9814 | Out-of-bounds Write vulnerability in Mozilla Firefox Mozilla developers and community members reported memory safety bugs present in Firefox 66. | 9.8 |