Vulnerabilities > Mozilla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-10464 | Out-of-bounds Read vulnerability in Mozilla Thunderbird Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. | 6.5 |
| 2024-10-29 | CVE-2024-10465 | Authentication Bypass by Spoofing vulnerability in Mozilla Thunderbird A clipboard "paste" button could persist across tabs which allowed a spoofing attack. | 6.5 |
| 2024-10-29 | CVE-2024-10468 | Race Condition vulnerability in Mozilla Firefox Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. | 5.3 |
| 2024-10-29 | CVE-2024-10474 | Unspecified vulnerability in Mozilla Firefox Focus 122.0 Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132. | 6.5 |
| 2024-10-01 | CVE-2024-9397 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. | 6.1 |
| 2024-10-01 | CVE-2024-9398 | Unspecified vulnerability in Mozilla Firefox By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. | 5.3 |
| 2024-09-17 | CVE-2024-8897 | Open Redirect vulnerability in Mozilla Firefox Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. | 6.1 |
| 2024-09-06 | CVE-2024-8394 | Use After Free vulnerability in Mozilla Thunderbird When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. | 6.5 |
| 2024-09-03 | CVE-2024-8399 | Unspecified vulnerability in Mozilla Firefox Focus 122.0 Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This vulnerability affects Focus for iOS < 130. | 4.7 |
| 2024-09-03 | CVE-2024-8386 | Open Redirect vulnerability in Mozilla Firefox If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. | 6.1 |