Mozilla: >> Firefox Security Vulnerabilities
Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 87.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-03-31
A texture upload of a Pixel Buffer Object could have confused the WebGL code to skip binding the buffer used to unpack it, resulting in memory corruption and a potentially exploitable information leak or crash. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and Thunderbird < 78.9.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-03-31
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-03-18
Mozilla developers reported memory safety bugs present in Firefox 84 and Firefox ESR 78.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85, Thunderbird < 78.7, and Firefox ESR < 78.7.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-02-26
Mozilla developers reported memory safety bugs present in Firefox 84. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 85.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-02-26
Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
CVSS Score
8.8
EPSS Score
0.012
Published
2021-02-26
Mozilla developers reported memory safety bugs present in Firefox 85. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 86.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-02-26
Incorrect use of the '<RowCountChanged>' method could have led to a user-after-poison and a potentially exploitable crash. This vulnerability affects Firefox < 85.
CVSS Score
8.8
EPSS Score
0.003
Published
2021-02-26
When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox < 85.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-02-26
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a malicious application to read sensitive data from application directories. Note: This issue is only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 86.
CVSS Score
5.3
EPSS Score
0.004
Published
2021-02-26