Mozilla Firefox — свободный браузер на движке Gecko
Релизный цикл, информация об уязвимостях
График релизов
Количество 14 679
GHSA-x565-97fv-jfr5
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15.
CVE-2024-8389
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130.
CVE-2024-8389
Memory safety bugs present in Firefox 129. Some of these bugs showed e ...
CVE-2024-8389
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130.
CVE-2024-8388
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130.
CVE-2024-8388
Multiple prompts and panels from both Firefox and the Android OS could ...
CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thun ...
CVE-2024-8386
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.
CVE-2024-8386
If a site had been granted the permission to open popup windows, it co ...
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| GHSA-x565-97fv-jfr5 A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with` environment. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Firefox ESR < 115.15. | CVSS3: 9.8 | 16% Средний | 10 месяцев назад |
 | CVE-2024-8389 Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130. | CVSS3: 9.8 | 0% Низкий | 10 месяцев назад |
| CVE-2024-8389 Memory safety bugs present in Firefox 129. Some of these bugs showed e ... | CVSS3: 9.8 | 0% Низкий | 10 месяцев назад |
 | CVE-2024-8389 Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130. | 0% Низкий | 10 месяцев назад | |
| CVE-2024-8388 Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 130. | CVSS3: 5.3 | 0% Низкий | 10 месяцев назад |
| CVE-2024-8388 Multiple prompts and panels from both Firefox and the Android OS could ... | CVSS3: 5.3 | 0% Низкий | 10 месяцев назад |
| CVE-2024-8387 Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. | CVSS3: 9.8 | 1% Низкий | 10 месяцев назад |
| CVE-2024-8387 Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thun ... | CVSS3: 9.8 | 1% Низкий | 10 месяцев назад |
| CVE-2024-8386 If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. | CVSS3: 6.1 | 0% Низкий | 10 месяцев назад |
| CVE-2024-8386 If a site had been granted the permission to open popup windows, it co ... | CVSS3: 6.1 | 0% Низкий | 10 месяцев назад |
Уязвимостей на страницу