Vulnerabilities > Mozilla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7524 | Cross-site Scripting vulnerability in Mozilla Firefox Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. | 6.1 |
| 2024-08-06 | CVE-2024-7526 | Use of Uninitialized Resource vulnerability in Mozilla Firefox ANGLE failed to initialize parameters which lead to reading from uninitialized memory. | 6.5 |
| 2024-08-06 | CVE-2024-7529 | Unspecified vulnerability in Mozilla Firefox The date picker could partially obscure security prompts. | 6.5 |
| 2024-08-06 | CVE-2024-7531 | Unspecified vulnerability in Mozilla Firefox Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. | 6.5 |
| 2024-07-09 | CVE-2024-6608 | Unspecified vulnerability in Mozilla Firefox It was possible to move the cursor using pointerlock from an iframe. | 4.3 |
| 2024-07-09 | CVE-2024-6610 | Unspecified vulnerability in Mozilla Firefox Form validation popups could capture escape key presses. | 4.3 |
| 2024-06-13 | CVE-2024-38312 | Unspecified vulnerability in Mozilla Firefox When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127. | 6.5 |
| 2024-06-13 | CVE-2024-38313 | Unspecified vulnerability in Mozilla Firefox In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address This vulnerability affects Firefox for iOS < 127. | 4.3 |
| 2024-06-11 | CVE-2024-5689 | Unspecified vulnerability in Mozilla Firefox In addition to detecting when a user was taking a screenshot (XXX), a website was able to overlay the 'My Shots' button that appeared, and direct the user to a replica Firefox Screenshots page that could be used for phishing. | 4.3 |
| 2024-06-11 | CVE-2024-5690 | Information Exposure Through Discrepancy vulnerability in multiple products By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. | 4.3 |