Логотип exploitDog
product: "firefox"
Консоль
Логотип exploitDog

exploitDog

product: "firefox"
Mozilla Firefox

Mozilla Firefoxсвободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox
Вендор: mozilla

График релизов

11511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614720232024202520262027

Недавние уязвимости Mozilla Firefox

Количество 15 501

ubuntu логотип

CVE-2024-6615

больше 1 года назад

Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS3: 8.8
EPSS: Низкий
ubuntu логотип

CVE-2024-6610

больше 1 года назад

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS3: 4.3
EPSS: Низкий
ubuntu логотип

CVE-2024-6602

больше 1 года назад

A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 9.8
EPSS: Низкий
ubuntu логотип

CVE-2024-6604

больше 1 года назад

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 7.5
EPSS: Низкий
ubuntu логотип

CVE-2024-6605

больше 1 года назад

Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.

CVSS3: 8.8
EPSS: Низкий
ubuntu логотип

CVE-2024-6606

больше 1 года назад

Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS3: 8.2
EPSS: Низкий
redhat логотип

CVE-2024-6603

больше 1 года назад

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 6.1
EPSS: Низкий
redhat логотип

CVE-2024-6604

больше 1 года назад

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 7.5
EPSS: Низкий
redhat логотип

CVE-2024-6600

больше 1 года назад

Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 6.1
EPSS: Низкий
redhat логотип

CVE-2024-6601

больше 1 года назад

A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 6.1
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
ubuntu логотип
CVE-2024-6615

Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS3: 8.8
1%
Низкий
больше 1 года назад
ubuntu логотип
CVE-2024-6610

Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS3: 4.3
0%
Низкий
больше 1 года назад
ubuntu логотип
CVE-2024-6602

A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 9.8
1%
Низкий
больше 1 года назад
ubuntu логотип
CVE-2024-6604

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 7.5
0%
Низкий
больше 1 года назад
ubuntu логотип
CVE-2024-6605

Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects Firefox < 128.

CVSS3: 8.8
1%
Низкий
больше 1 года назад
ubuntu логотип
CVE-2024-6606

Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CVSS3: 8.2
0%
Низкий
больше 1 года назад
redhat логотип
CVE-2024-6603

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 6.1
0%
Низкий
больше 1 года назад
redhat логотип
CVE-2024-6604

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 7.5
0%
Низкий
больше 1 года назад
redhat логотип
CVE-2024-6600

Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 6.1
0%
Низкий
больше 1 года назад
redhat логотип
CVE-2024-6601

A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS3: 6.1
0%
Низкий
больше 1 года назад

Уязвимостей на страницу


Поделиться