Vulnerabilities > Mozilla > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-06 CVE-2024-7520 Type Confusion vulnerability in Mozilla Firefox
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution.
network
low complexity
mozilla CWE-843
8.8
2024-08-06 CVE-2024-7521 Improper Handling of Exceptional Conditions vulnerability in Mozilla Firefox
Incomplete WebAssembly exception handing could have led to a use-after-free.
network
low complexity
mozilla CWE-755
8.8
2024-08-06 CVE-2024-7522 Out-of-bounds Read vulnerability in Mozilla Firefox
Editor code failed to check an attribute value.
network
low complexity
mozilla CWE-125
8.8
2024-08-06 CVE-2024-7523 Unspecified vulnerability in Mozilla Firefox
A select option could partially obscure security prompts.
network
low complexity
mozilla
8.1
2024-08-06 CVE-2024-7525 Incorrect Default Permissions vulnerability in Mozilla Firefox
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site.
network
low complexity
mozilla CWE-276
8.1
2024-08-06 CVE-2024-7527 Use After Free vulnerability in Mozilla Firefox
Unexpected marking work at the start of sweeping could have led to a use-after-free.
network
low complexity
mozilla CWE-416
8.8
2024-08-06 CVE-2024-7528 Use After Free vulnerability in Mozilla Firefox
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free.
network
low complexity
mozilla CWE-416
8.8
2024-08-06 CVE-2024-7530 Use After Free vulnerability in Mozilla Firefox
Incorrect garbage collection interaction could have led to a use-after-free.
network
low complexity
mozilla CWE-416
8.8
2024-07-09 CVE-2024-6609 Unspecified vulnerability in Mozilla Firefox
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again.
network
low complexity
mozilla
8.8
2024-06-11 CVE-2024-5694 Use After Free vulnerability in Mozilla Firefox
An attacker could have caused a use-after-free in the JavaScript engine to read memory in the JavaScript string section of the heap.
network
low complexity
mozilla CWE-416
7.5