Vulnerabilities > Mozilla > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-02 | CVE-2023-32205 | Unspecified vulnerability in Mozilla Firefox In multiple cases browser prompts could have been obscured by popups controlled by content. | 4.3 |
2023-06-02 | CVE-2023-32206 | Out-of-bounds Read vulnerability in Mozilla Firefox An out-of-bound read could have led to a crash in the RLBox Expat driver. | 6.5 |
2023-06-02 | CVE-2023-32211 | Unspecified vulnerability in Mozilla Firefox A type checking bug would have led to invalid code being compiled. | 6.5 |
2023-06-02 | CVE-2023-32212 | Unspecified vulnerability in Mozilla Firefox An attacker could have positioned a <code>datalist</code> element to obscure the address bar. | 4.3 |
2023-02-16 | CVE-2019-17003 | Cross-site Scripting vulnerability in Mozilla Firefox Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed. | 6.1 |
2023-02-16 | CVE-2020-12413 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. | 5.9 |
2023-02-16 | CVE-2021-23980 | Cross-site Scripting vulnerability in Mozilla Bleach A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True. | 6.1 |
2023-02-16 | CVE-2022-0637 | Open Redirect vulnerability in Mozilla Pollbot open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6 | 6.1 |
2022-12-22 | CVE-2021-4126 | Unspecified vulnerability in Mozilla Thunderbird When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. | 6.5 |
2022-12-22 | CVE-2021-4128 | Use After Free vulnerability in Mozilla Firefox When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.<br>*This bug only affects Firefox on MacOS. | 6.5 |