Mozilla

Firefox

2918 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-43112

  • EPSS 1%
  • Veröffentlicht 06.08.2024 16:15:49
  • Zuletzt bearbeitet 17.03.2025 20:15:12

Long pressing on a download link could potentially provide a means for cross-site scripting This vulnerability affects Firefox for iOS < 129.

6.1

CVE-2024-43113

  • EPSS 0.76%
  • Veröffentlicht 06.08.2024 16:15:49
  • Zuletzt bearbeitet 24.03.2025 17:15:18

The contextual menu for links could provide an opportunity for cross-site scripting attacks This vulnerability affects Firefox for iOS < 129.

9.6

CVE-2024-7519

  • EPSS 0.23%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:04:20

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, T...

8.8

CVE-2024-7520

  • EPSS 0.44%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 24.03.2025 17:15:19

A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

8.8

CVE-2024-7521

  • EPSS 0.19%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:05:10

Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

8.8

CVE-2024-7522

  • EPSS 0.18%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:06:05

Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

8.1

CVE-2024-7523

  • EPSS 0.08%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 14.03.2025 16:15:38

A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. *This issue only affects Android versions of Firefox.* This vulnerability affects Firefox < 129.

6.1

CVE-2024-7524

  • EPSS 0.22%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 25.03.2025 17:16:12

Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM...

8.1

CVE-2024-7525

  • EPSS 0.1%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 12.08.2024 16:07:19

It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 12...

6.5

CVE-2024-7526

  • EPSS 0.2%
  • Veröffentlicht 06.08.2024 13:15:57
  • Zuletzt bearbeitet 17.09.2024 19:15:28

ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128....