Firefox
Source repositories
CVEs (3,179)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-29987 | Med | 0.42 | 6.5 | 0.01 | Aug 17, 2021 | After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not… | ||
| CVE-2021-29983 | Med | 0.42 | 6.5 | 0.01 | Aug 17, 2021 | Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91. | ||
| CVE-2021-29982 | Med | 0.42 | 6.5 | 0.01 | Aug 17, 2021 | Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox < 91 and Thunderbird < 91. | ||
| CVE-2021-29975 | Med | 0.42 | 6.5 | 0.01 | Aug 5, 2021 | Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This… | ||
| CVE-2021-29951 | Med | 0.42 | 6.5 | 0.02 | Jun 24, 2021 | The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop'… | ||
| CVE-2021-29945 | Med | 0.42 | 6.5 | 0.01 | Jun 24, 2021 | The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and… | ||
| CVE-2021-23998 | Med | 0.42 | 6.5 | 0.01 | Jun 24, 2021 | Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88. | ||
| CVE-2021-23996 | Med | 0.42 | 6.5 | 0.01 | Jun 24, 2021 | By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox < 88. | ||
| CVE-2007-5967 | Med | 0.42 | 6.5 | 0.00 | May 17, 2021 | A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval. | ||
| CVE-2021-23986 | Med | 0.42 | 6.5 | 0.00 | Mar 31, 2021 | A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which… | ||
| CVE-2021-23985 | Med | 0.42 | 6.5 | 0.01 | Mar 31, 2021 | If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker (able to make a… | ||
| CVE-2021-23984 | Med | 0.42 | 6.5 | 0.01 | Mar 31, 2021 | A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing… | ||
| CVE-2021-23983 | Med | 0.42 | 6.5 | 0.01 | Mar 31, 2021 | By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 87. | ||
| CVE-2021-23982 | Med | 0.42 | 6.5 | 0.01 | Mar 31, 2021 | Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and… | ||
| CVE-2021-23958 | Med | 0.42 | 6.5 | 0.01 | Feb 26, 2021 | The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85. | ||
| CVE-2021-23956 | Med | 0.42 | 6.5 | 0.01 | Feb 26, 2021 | An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85. | ||
| CVE-2021-23975 | Med | 0.42 | 6.5 | 0.01 | Feb 26, 2021 | The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This… | ||
| CVE-2021-23973 | Med | 0.42 | 6.5 | 0.01 | Feb 26, 2021 | When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8. | ||
| CVE-2021-23971 | Med | 0.42 | 6.5 | 0.01 | Feb 26, 2021 | When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This… | ||
| CVE-2021-23970 | Med | 0.42 | 6.5 | 0.01 | Feb 26, 2021 | Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86. |
- risk 0.42cvss 6.5epss 0.01
After requesting multiple permissions, and closing the first permission panel, subsequent permission panels will be displayed in a different position but still record a click in the default location, making it possible to trick a user into accepting a permission they did not…
- risk 0.42cvss 6.5epss 0.01
Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91.
- risk 0.42cvss 6.5epss 0.01
Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox < 91 and Thunderbird < 91.
- risk 0.42cvss 6.5epss 0.01
Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion. This…
- risk 0.42cvss 6.5epss 0.02
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop'…
- risk 0.42cvss 6.5epss 0.01
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. *Note: This issue only affected x86-32 platforms. Other platforms are unaffected.*. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and…
- risk 0.42cvss 6.5epss 0.01
Through complicated navigations with new windows, an HTTP page could have inherited a secure lock icon from an HTTPS page. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
- risk 0.42cvss 6.5epss 0.01
By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user. This vulnerability affects Firefox < 88.
- risk 0.42cvss 6.5epss 0.00
A flaw in Mozilla's embedded certificate code might allow web sites to install root certificates on devices without user approval.
- risk 0.42cvss 6.5epss 0.00
A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL. The response to this cross-origin request could have been read by the extension, allowing a same-origin policy bypass by the extension, which…
- risk 0.42cvss 6.5epss 0.01
If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user. This would have allowed a remote attacker (able to make a…
- risk 0.42cvss 6.5epss 0.01
A malicious extension could have opened a popup window lacking an address bar. The title of the popup lacking an address bar should not be fully controllable, but in this situation was. This could have been used to spoof a website and attempt to trick the user into providing…
- risk 0.42cvss 6.5epss 0.01
By causing a transition on a parent node by removing a CSS rule, an invalid property for a marker could have been applied, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 87.
- risk 0.42cvss 6.5epss 0.01
Using techniques that built on the slipstream research, a malicious webpage could have scanned both an internal network's hosts as well as services running on the user's local machine utilizing WebRTC connections. This vulnerability affects Firefox ESR < 78.9, Firefox < 87, and…
- risk 0.42cvss 6.5epss 0.01
The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox < 85.
- risk 0.42cvss 6.5epss 0.01
An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a whole directory. This was addressed by adding a new prompt. This vulnerability affects Firefox < 85.
- risk 0.42cvss 6.5epss 0.01
The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This…
- risk 0.42cvss 6.5epss 0.01
When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
- risk 0.42cvss 6.5epss 0.01
When processing a redirect with a conflicting Referrer-Policy, Firefox would have adopted the redirect's Referrer-Policy. This would have potentially resulted in more information than intended by the original origin being provided to the destination of the redirect. This…
- risk 0.42cvss 6.5epss 0.01
Context-specific code was included in a shared jump table; resulting in assertions being triggered in multithreaded wasm code. This vulnerability affects Firefox < 86.
Page 69 of 159