Vulnerabilities > Mozilla > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-31 CVE-2021-23981 Out-of-bounds Write vulnerability in Mozilla Firefox
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash.
network
low complexity
mozilla CWE-787
8.1
8.1
2021-02-26 CVE-2021-23979 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 85.
network
low complexity
mozilla CWE-787
8.8
8.8
2021-02-26 CVE-2021-23978 Out-of-bounds Write vulnerability in multiple products
Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7.
network
low complexity
mozilla debian CWE-787
8.8
8.8
2021-02-26 CVE-2021-23965 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 84.
network
low complexity
mozilla CWE-787
8.8
8.8
2021-02-26 CVE-2021-23964 Out-of-bounds Write vulnerability in Mozilla Firefox
Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6.
network
low complexity
mozilla CWE-787
8.8
8.8
2021-02-26 CVE-2021-23962 Unspecified vulnerability in Mozilla Firefox
Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash.
network
low complexity
mozilla
8.8
8.8
2021-02-26 CVE-2021-23961 Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine.
network
low complexity
mozilla debian
7.4
7.4
2021-02-26 CVE-2021-23960 Unspecified vulnerability in Mozilla Firefox
Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash.
network
low complexity
mozilla
8.8
8.8
2021-02-26 CVE-2021-23957 Unspecified vulnerability in Mozilla Firefox
Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox.
network
low complexity
mozilla
7.4
7.4
2021-02-26 CVE-2021-23954 Type Confusion vulnerability in Mozilla Firefox
Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash.
network
low complexity
mozilla CWE-843
8.8
8.8