Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-23	CVE-2024-0753	In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. network low complexity mozilla debian	6.5
2024-01-23	CVE-2024-0754	Unspecified vulnerability in Mozilla Firefox Some WASM source files could have caused a crash when loaded in devtools. network low complexity mozilla	6.5
2024-01-22	CVE-2024-0606	Cross-site Scripting vulnerability in Mozilla Firefox Focus An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. network low complexity mozilla CWE-79	6.1
2023-12-19	CVE-2023-50761	The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. network low complexity mozilla debian	4.3
2023-12-19	CVE-2023-50762	When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. network low complexity mozilla debian	4.3
2023-12-19	CVE-2023-6135	Information Exposure Through Discrepancy vulnerability in Mozilla Firefox Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". network low complexity mozilla CWE-203	4.3
2023-12-19	CVE-2023-6857	Race Condition vulnerability in multiple products When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. network high complexity mozilla debian CWE-362	5.3
2023-12-19	CVE-2023-6860	The `VideoBridge` allowed any content process to use textures produced by remote decoders. network low complexity mozilla debian	6.5
2023-12-19	CVE-2023-6865	`EncryptingOutputStream` was susceptible to exposing uninitialized data. network low complexity mozilla debian	6.5
2023-12-19	CVE-2023-6867	Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. network low complexity mozilla debian CWE-1021	6.1