Search
Total
2335 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17010 | 2 Mozilla, Opensuse | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2021-07-21 | 5.1 MEDIUM | 7.5 HIGH |
| Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | |||||
| CVE-2019-17011 | 2 Mozilla, Opensuse | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2021-07-21 | 5.1 MEDIUM | 7.5 HIGH |
| Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | |||||
| CVE-2020-6811 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | |||||
| CVE-2019-9789 | 1 Mozilla | 1 Firefox | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla developers and community members reported memory safety bugs present in Firefox 65. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 66. | |||||
| CVE-2019-9802 | 1 Mozilla | 1 Firefox | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| If a Sandbox content process is compromised, it can initiate an FTP download which will then use a child process to render the downloaded data. The downloaded data can then be passed to the Chrome process with an arbitrary file length supplied by an attacker, bypassing sandbox protections and allow for a potential memory read of adjacent data from the privileged Chrome process, which may include sensitive data. This vulnerability affects Firefox < 66. | |||||
| CVE-2020-6821 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | |||||
| CVE-2019-17012 | 2 Mozilla, Opensuse | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | |||||
| CVE-2021-23998 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | |||||
| CVE-2021-23997 | 1 Mozilla | 1 Firefox | 2021-07-02 | 6.8 MEDIUM | 8.8 HIGH |
| Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 88. | |||||
| CVE-2021-24001 | 1 Mozilla | 1 Firefox | 2021-07-02 | 4.3 MEDIUM | 4.3 MEDIUM |
| A compromised content process could have performed session history manipulations it should not have been able to due to testing infrastructure that was not restricted to testing-only configurations. This vulnerability affects Firefox < 88. | |||||
| CVE-2021-29944 | 1 Mozilla | 1 Firefox | 2021-07-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 88. | |||||
| CVE-2021-24002 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-02 | 6.8 MEDIUM | 8.8 HIGH |
| When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the newlines would have been interpreted as such and allowed arbitrary commands to be sent to the FTP server. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | |||||
| CVE-2021-23995 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-02 | 5.1 MEDIUM | 8.8 HIGH |
| When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | |||||
| CVE-2021-23996 | 1 Mozilla | 1 Firefox | 2021-07-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox < 88. | |||||
| CVE-2021-23994 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-02 | 6.8 MEDIUM | 8.8 HIGH |
| A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | |||||
| CVE-2021-29963 | 1 Mozilla | 1 Firefox | 2021-07-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| Address bar search suggestions in private browsing mode were re-using session data from normal mode. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. | |||||
| CVE-2021-29964 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2021-06-30 | 5.8 MEDIUM | 7.1 HIGH |
| A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would process incorrectly, leading to an out-of-bounds read. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 78.11, Firefox < 89, and Firefox ESR < 78.11. | |||||
| CVE-2021-29965 | 1 Mozilla | 1 Firefox | 2021-06-30 | 4.3 MEDIUM | 5.3 MEDIUM |
| A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. | |||||
| CVE-2021-29945 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-06-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | |||||
| CVE-2021-29953 | 1 Mozilla | 1 Firefox | 2021-06-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| A malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected. Further details are being temporarily withheld to allow users an opportunity to update.*. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3. | |||||
| CVE-2021-29955 | 1 Mozilla | 2 Firefox, Firefox Esr | 2021-06-30 | 2.6 LOW | 5.3 MEDIUM |
| A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87. | |||||
| CVE-2021-29952 | 1 Mozilla | 1 Firefox | 2021-06-25 | 5.1 MEDIUM | 7.5 HIGH |
| When Web Render components were destructed, a race condition could have caused undefined behavior, and we presume that with enough effort may have been exploitable to run arbitrary code. This vulnerability affects Firefox < 88.0.1 and Firefox for Android < 88.1.3. | |||||
| CVE-2021-29946 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-06-25 | 6.8 MEDIUM | 8.8 HIGH |
| Ports that were written as an integer overflow above the bounds of a 16-bit integer could have bypassed port blocking restrictions when used in the Alt-Svc header. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | |||||
| CVE-2021-29968 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2021-06-25 | 5.8 MEDIUM | 8.1 HIGH |
| When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1. | |||||
| CVE-2021-29962 | 1 Mozilla | 1 Firefox | 2021-06-25 | 4.3 MEDIUM | 4.3 MEDIUM |
| Firefox for Android would become unstable and hard-to-recover when a website opened too many popups. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89. | |||||
| CVE-2011-3656 | 1 Mozilla | 1 Firefox | 2021-06-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7 allows remote attackers to inject arbitrary web script or HTML via vectors involving HTTP 0.9 errors, non-default ports, and content-sniffing. | |||||
| CVE-2007-5967 | 1 Mozilla | 1 Firefox | 2021-05-26 | 4.3 MEDIUM | 6.5 MEDIUM |
| A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval. | |||||
| CVE-2019-17026 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-05-13 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1. | |||||
| CVE-2021-20628 | 2 Cybozu, Mozilla | 2 Office, Firefox | 2021-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox. | |||||
| CVE-2014-1520 | 3 Fedoraproject, Microsoft, Mozilla | 4 Fedora, Windows, Firefox and 1 more | 2021-03-17 | 6.9 MEDIUM | N/A |
| maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process. | |||||
| CVE-2013-0800 | 5 Canonical, Debian, Mozilla and 2 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2021-03-11 | 6.8 MEDIUM | N/A |
| Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation. | |||||
| CVE-2021-23953 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-03-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | |||||
| CVE-2021-23954 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-03-03 | 6.8 MEDIUM | 8.8 HIGH |
| Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | |||||
| CVE-2021-23960 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-03-03 | 6.8 MEDIUM | 8.8 HIGH |
| Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploitable crash. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7. | |||||
| CVE-2021-23962 | 1 Mozilla | 1 Firefox | 2021-03-03 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85. | |||||
| CVE-2021-23958 | 1 Mozilla | 1 Firefox | 2021-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85. | |||||
| CVE-2021-23956 | 1 Mozilla | 1 Firefox | 2021-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85. | |||||
| CVE-2021-23963 | 1 Mozilla | 1 Firefox | 2021-03-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85. | |||||
| CVE-2021-23955 | 1 Mozilla | 1 Firefox | 2021-03-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickjacking attacks. This vulnerability affects Firefox < 85. | |||||
| CVE-2021-23959 | 1 Mozilla | 1 Firefox | 2021-03-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. | |||||
| CVE-2021-23957 | 1 Mozilla | 1 Firefox | 2021-03-03 | 4.3 MEDIUM | 7.4 HIGH |
| Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85. | |||||
| CVE-2019-11745 | 6 Canonical, Debian, Mozilla and 3 more | 23 Ubuntu Linux, Debian Linux, Firefox and 20 more | 2021-02-19 | 6.8 MEDIUM | 8.8 HIGH |
| When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. | |||||
| CVE-2020-26976 | 2 Debian, Mozilla | 2 Debian Linux, Firefox | 2021-02-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. This vulnerability affects Firefox < 84. | |||||
| CVE-2020-35113 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-01-12 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. | |||||
| CVE-2020-35114 | 1 Mozilla | 1 Firefox | 2021-01-12 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84. | |||||
| CVE-2020-35112 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2021-01-12 | 6.8 MEDIUM | 8.8 HIGH |
| If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. | |||||
| CVE-2020-35111 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-01-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| When an extension with the proxy permission registered to receive <all_urls>, the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. | |||||
| CVE-2020-26979 | 1 Mozilla | 1 Firefox | 2021-01-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the desired, entered address. To construct a convincing spoof the attacker would have had to guess what the user was typing, perhaps by suggesting it. This vulnerability affects Firefox < 84. | |||||
| CVE-2020-26978 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-01-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6. | |||||
| CVE-2020-26977 | 1 Mozilla | 1 Firefox | 2021-01-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| By attempting to connect a website using an unresponsive port, an attacker could have controlled the content of a tab while the URL bar displayed the original domain. *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84. | |||||