Vulnerabilities > Mozilla > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-19 CVE-2023-6860 The `VideoBridge` allowed any content process to use textures produced by remote decoders.
network
low complexity
mozilla debian
6.5
2023-12-19 CVE-2023-6865 `EncryptingOutputStream` was susceptible to exposing uninitialized data.
network
low complexity
mozilla debian
6.5
2023-12-19 CVE-2023-6867 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts.
network
low complexity
mozilla debian CWE-1021
6.1
2023-12-19 CVE-2023-6868 Unspecified vulnerability in Mozilla Firefox
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one.
network
low complexity
mozilla
4.3
2023-12-19 CVE-2023-6869 Unspecified vulnerability in Mozilla Firefox
A `<dialog>` element could have been manipulated to paint content outside of a sandboxed iframe.
network
low complexity
mozilla
6.5
2023-12-19 CVE-2023-6870 Unspecified vulnerability in Mozilla Firefox
Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox.
network
low complexity
mozilla
4.3
2023-12-19 CVE-2023-6871 Unspecified vulnerability in Mozilla Firefox
Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler.
network
low complexity
mozilla
4.3
2023-12-19 CVE-2023-6872 Unspecified vulnerability in Mozilla Firefox
Browser tab titles were being leaked by GNOME to system logs.
network
low complexity
mozilla
6.5
2023-12-12 CVE-2023-4421 Information Exposure Through Discrepancy vulnerability in Mozilla NSS
The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks.
network
low complexity
mozilla CWE-203
6.5
2023-11-21 CVE-2023-49061 Open Redirect vulnerability in Mozilla Firefox
An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information.
network
low complexity
mozilla CWE-601
6.1