Mozilla Latest Vulnerabilities

November 26

Firefox for iOS Vulnerability Affects Address Visibility in Location URL Bar

CVE-2024-53976
MozillaFirefox For iOS

Non-Existent Port Vulnerability in Firefox for iOS Prior to 133

CVE-2024-53975
MozillaFirefox For iOS

Memory Safety Bugs Affect Firefox and Thunderbird

CVE-2024-11699
MozillaFirefox

Data Race Vulnerability in Firefox < 133

CVE-2024-11708
MozillaFirefox

Null Pointer Dereference Vulnerability in Firefox Affects Previous Versions

CVE-2024-11706
MozillaFirefox

Segmentation Fault Crash Due to Incorrect Handling of NULL `phKey` Parameter

CVE-2024-11705
MozillaFirefox

Firefox Flaw Causes Stuck Fullscreen Mode on macOS

CVE-2024-11698
MozillaFirefox

Memory Corruption Vulnerability Affects Firefox and Thunderbird

CVE-2024-11704
MozillaFirefox

Firefox Vulnerability Allows Malicious Code Execution Through Manipulation of Keypress Events

CVE-2024-11697
MozillaFirefox

Invalid Manifest File Could Disrupt Signature Validation in Firefox

CVE-2024-11696
MozillaFirefox

Firefox Vulnerability Allows Viewing Saved Passwords Without PIN Authentication

CVE-2024-11703
MozillaFirefox

Mozilla Firefox and Thunderbird vulnerability affects URL spoofing

CVE-2024-11695
MozillaFirefox

Inadvertent Bypass of Cross-Site Protection in Firefox

CVE-2024-11694
MozillaFirefox

Firefox Vulnerability Affects Users of Earlier Versions

CVE-2024-11693
MozillaFirefox

Mozilla Firefox Vulnerability Affects Private Browsing Data in the Cloud

CVE-2024-11702
MozillaFirefox

Mozilla Address Bar Vulnerability Affects Firefox and Thunderbird

CVE-2024-11701
MozillaFirefox

Mozilla Firefox Vulnerability Affects Select Dropdown Disclosure

CVE-2024-11692
MozillaFirefox

Mozilla warns of tapjacking vulnerability in Firefox and Thunderbird

CVE-2024-11700
MozillaFirefox

Apple macOS Marches Forward Despite Critical GPU Driver Flaw

CVE-2024-11691
MozillaFirefox

Improperly Controlled Modification of Object Prototype Attributes Vulnerability in Convict

CVE-2023-0163
MozillaConvict

Cross-Site Scripting (XSS) Vulnerability in Nunjucks Prior to Version 3.2.4

CVE-2023-2142
MozillaNunjucks

Root Privileges Vulnerability in Linux sccache

CVE-2023-1521
MozillaSccache

November 13

CVE-2024-11159
MozillaThunderbird4.3MEDIUM

November 6

Mozilla Firefox Vulnerability Affects Firefox Prior to Version 126

CVE-2024-10941
Mozilla

October 29

Second-Order Alert: Incorrectly Allowing Internal Links to Utilize App Scheme for Deeplinking Could Bypass URL Safety Checks

CVE-2024-10474
MozillaFocus For iOS6.5MEDIUM

Firefox Vulnerable to Memory Corruption Due to IndexedDB Race Conditions

CVE-2024-10468
MozillaFirefox5.3MEDIUM

Memory Safety Bugs Affecting Firefox and Thunderbird

CVE-2024-10467
MozillaFirefox8.8HIGH

Mozilla Discloses Firefox Push Message Vulnerability

CVE-2024-10466
MozillaFirefox7.5HIGH

Firefox Paste Vulnerability Could Lead to Spoofing Attacks

CVE-2024-10465
MozillaFirefox6.5MEDIUM

Mozilla Addresses Remote Code Execution Vulnerability in Firefox

CVE-2024-10464
MozillaFirefox6.5MEDIUM

Firefox Vulnerability Affects Video Frames in Some Situations

CVE-2024-10463
MozillaFirefox6.5MEDIUM

Firefox Vulnerability Could Allow Origin Spoofing in Permission Prompts

CVE-2024-10462
MozillaFirefox6.5MEDIUM

Mozilla Firefox Vulnerability Allows XSS Attacks

CVE-2024-10461
MozillaFirefox6.1MEDIUM

Firefox 132 and earlier vulnerable to data URL obstruction

CVE-2024-10460
MozillaFirefox5.3MEDIUM

Mozilla Firefox Vulnerability Affects Several Versions

CVE-2024-10459
MozillaFirefox7.5HIGH

Firefox Vulnerability: Permission Leak Due to Embed or Object Elements

CVE-2024-10458
MozillaFirefox7.5HIGH

October 15

Incorrect HTTPS Indicator in Firefox for iOS Prior to Version 131.2

CVE-2024-10004
MozillaFirefox For iOS

October 14

CVE-2024-9936
MozillaFirefox

October 9

Mozilla Firefox Vulnerability: Code Execution through Animation Timelines

CVE-2024-9680
MozillaFirefox🔥😄👾9.8CRITICAL

October 1

Memory Safety Bugs Uncovered in Firefox 130, Some Could Lead to Code Execution

CVE-2024-9403
MozillaFirefox

Firefox for Android Vulnerability: File Name with Many Spaces Triggers Extension Obscuration

CVE-2024-9395
MozillaFirefox

Firefox Full-Screen Mode Vulnerability Allows Spoofing

CVE-2024-9391
MozillaFirefox

Mozilla Addresses Memory Safety Bugs in Firefox, Firefox ESR, and Thunderbird

CVE-2024-9402
MozillaFirefox

Memory Safety Bugs Affect Firefox and Thunderbird

CVE-2024-9401
MozillaFirefox

Mozilla Orlando Memory Corruption Vulnerability

CVE-2024-9400
MozillaFirefox

Mozilla Firefox Crashes Due to Initiating Specially Crafted WebTransport Session

CVE-2024-9399
MozillaFirefox7.5HIGH

Firefox vulnerability allows attacker to determine if application is installed

CVE-2024-9398
MozillaFirefox5.3MEDIUM

Mozilla Fixes Critical UI Bugs, Including Clickjacking Vulnerability

CVE-2024-9397
MozillaFirefox6.1MEDIUM

Mozilla Firefox Vulnerable to Memory Corruption Due to Structured Clone

CVE-2024-9396
MozillaFirefox

Mozilla Firefox Vulnerability Allows Cross-Origin JavaScript Execution

CVE-2024-9394
MozillaFirefox7.5HIGH

Specially Crafted Multipart Response Could Allow Arbitrary JavaScript Execution in Firefox

CVE-2024-9393
MozillaFirefox7.5HIGH

Mozilla Warns of Vulnerability in Firefox and Thunderbird

CVE-2024-9392
MozillaFirefox

September 17

CVE-2024-8900
MozillaFirefox7.5HIGH

CVE-2024-8897
MozillaFirefox6.1MEDIUM

September 6

Type Confusion Vulnerability in Firefox Could Lead to Memory Corruption and Crash

CVE-2024-7652
Mozilla

Potentially Exploitable Crash Vulnerability in Thunderbird < 128.2

CVE-2024-8394
MozillaThunderbird6.5MEDIUM

September 3

CVE-2024-8399
MozillaFirefox Focus4.7MEDIUM

Memory Safety Bugs Affect Firefox, Could Lead to Code Execution

CVE-2024-8389
MozillaFirefox9.8CRITICAL

Firefox 121: New Notice System for Fullscreen Mode Transition

CVE-2024-8388
MozillaFirefox5.3MEDIUM

Memory Safety Bugs Affect Firefox and Thunderbird

CVE-2024-8387
MozillaFirefox9.8CRITICAL

Mozilla Firefox Vulnerability Could Allow Spoofing Attacks

CVE-2024-8386
MozillaFirefox6.1MEDIUM

Firefox Vulnerability Affects Users of < 130 and Firefox ESR < 128.2

CVE-2024-8385
MozillaFirefox9.8CRITICAL

Memory Corruption Vulnerability in Firefox (< 130, < 128.2, < 115.15)

CVE-2024-8384
MozillaFirefox9.8CRITICAL

Mozilla Fixes Vulnerability in Firefox Allowing Unscrupulous Websites to Launch Applications Without User Permission

CVE-2024-8383
MozillaFirefox7.5HIGH

Firefox Vulnerability Affects Internal Browser Event Interfaces

CVE-2024-8382
MozillaFirefox8.8HIGH

Possible Type Confusion Vulnerability in Firefox

CVE-2024-8381
MozillaFirefox9.8CRITICAL

August 6

CVE-2024-43111
MozillaFirefox For iOS6.1MEDIUM

CVE-2024-43112
MozillaFirefox For iOS6.1MEDIUM

CVE-2024-43113
MozillaFirefox For iOS6.1MEDIUM

Use-After-Free Vulnerability in Firefox Prior to Version 129

CVE-2024-7530
MozillaFirefox8.8HIGH

Mozilla Fixes Partial Obscuration of Security Prompts Vulnerability in Firefox

CVE-2024-7523
MozillaFirefox8.1HIGH

Firefox Vulnerability Allows Plaintext Passage on Intel Sandy Bridge

CVE-2024-7531
MozillaFirefox6.5MEDIUM

Mozilla Firefox Vulnerability Allows Malicious Sites to Trick Users into Granting Permissions

CVE-2024-7529
MozillaFirefox6.5MEDIUM

Mozilla Firefox Vulnerability Could Lead to Use-After-Free Security Risk

CVE-2024-7528
MozillaFirefox8.8HIGH

Possible Use-After-Free Vulnerability Affecting Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1

CVE-2024-7527
MozillaFirefox8.8HIGH

Uninitialized Memory Leak in Firefox Could Lead to Sensitive Data Exposure

CVE-2024-7526
MozillaFirefox6.5MEDIUM

Firefox Vulnerability Allows Minimal Priviledged Extension to Modify Request Bodies

CVE-2024-7525
MozillaFirefox8.1HIGH

Mozilla Fixes Tracking Protection Bypass Vulnerability in Firefox

CVE-2024-7524
MozillaFirefox6.1MEDIUM

Firefox Vulnerability Could Lead to Out-of-Bounds Read

CVE-2024-7522
MozillaFirefox8.8HIGH

Incomplete WebAssembly Exception Handling Leads to Use-After-Free Vulnerability in Firefox

CVE-2024-7521
MozillaFirefox8.8HIGH

Firefox Type Confusion Vulnerability Could Lead to Code Execution

CVE-2024-7520
MozillaFirefox8.8HIGH

Memory Corruption Vulnerability in Firefox Could Lead to Sandbox Escape

CVE-2024-7519
MozillaFirefox9.6CRITICAL

Mozilla Firefox Vulnerability Allows Spoofing Attacks via Fullscreen Notifications

CVE-2024-7518
MozillaFirefox6.5MEDIUM

July 9

CVE-2024-6602
MozillaFirefox

CVE-2024-6610
MozillaFirefox4.3MEDIUM

CVE-2024-6608
MozillaFirefox4.3MEDIUM

Mozilla Firefox Vulnerability Allows Tapjacking

CVE-2024-6605
Mozilla

CVE-2024-6606
MozillaFirefox

CVE-2024-6611
MozillaFirefox

CVE-2024-6609
MozillaFirefox8.8HIGH

June 13

Private Tab Data Persistence Vulnerability Affects Firefox for iOS

CVE-2024-38312
MozillaFirefox For iOS6.5MEDIUM

Fake Location URL Bar Vulnerability Affects Firefox for iOS

CVE-2024-38313
MozillaFirefox For iOS4.3MEDIUM

June 11

Memory Safety Bugs Affect Firefox, Could Lead to Code Execution

CVE-2024-5701
MozillaFirefox

Firefox Vulnerability: Incorrect Checking of Cookie Prefixes

CVE-2024-5699
MozillaFirefox

Mozilla Firefox Vulnerability: Overlay Attack via Fullscreen Feature

CVE-2024-5698
MozillaFirefox6.1MEDIUM

Mozilla Firefox Screenshot Vulnerability

CVE-2024-5697
MozillaFirefox4.3MEDIUM

Mozilla Firefox Vulnerability Affects Users

CVE-2024-5695
MozillaFirefox9.8CRITICAL

Use-After-Free Vulnerability Affects Firefox < 127

CVE-2024-5694
MozillaFirefox7.5HIGH

Mozilla Firefox Vulnerability Allows Phishing Attacks Through Screenshots

CVE-2024-5689
MozillaFirefox4.3MEDIUM

Firefox for Android Vulnerability Affects Triggering Principal Calculation

CVE-2024-5687
MozillaFirefox