Vulnerabilities > Mozilla > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2021-4221 Unspecified vulnerability in Mozilla Firefox
If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path.
network
low complexity
mozilla
4.3
2022-12-22 CVE-2022-1097 Use After Free vulnerability in Mozilla Firefox ESR
<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash.
network
low complexity
mozilla CWE-416
6.5
2022-12-22 CVE-2022-1196 Use After Free vulnerability in Mozilla Firefox ESR
After a VR Process is destroyed, a reference to it may have been retained and used, leading to a use-after-free and potentially exploitable crash.
network
low complexity
mozilla CWE-416
6.5
2022-12-22 CVE-2022-1197 Improper Certificate Validation vulnerability in Mozilla Thunderbird
When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked.
network
low complexity
mozilla CWE-295
5.4
2022-12-22 CVE-2022-1520 Unspecified vulnerability in Mozilla Thunderbird
When viewing an email message A, which contains an attached message B, where B is encrypted or digitally signed or both, Thunderbird may show an incorrect encryption or signature status.
network
low complexity
mozilla
4.3
2022-12-22 CVE-2022-1834 Improper Certificate Validation vulnerability in Mozilla Thunderbird
When displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird would have displayed all the spaces.
network
low complexity
mozilla CWE-295
6.5
2022-12-22 CVE-2022-22739 Unspecified vulnerability in Mozilla Firefox
Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol.
network
low complexity
mozilla
6.5
2022-12-22 CVE-2022-22742 Out-of-bounds Read vulnerability in Mozilla Firefox
When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash.
network
low complexity
mozilla CWE-125
6.5
2022-12-22 CVE-2022-22743 Unspecified vulnerability in Mozilla Firefox
When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode.
network
low complexity
mozilla
4.3
2022-12-22 CVE-2022-22745 Unspecified vulnerability in Mozilla Firefox
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations.
network
low complexity
mozilla
6.5