Mozilla

Firefox

2918 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-1552

  • EPSS 0.35%
  • Veröffentlicht 20.02.2024 14:15:08
  • Zuletzt bearbeitet 27.03.2025 15:15:48

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

8.1

CVE-2024-1553

  • EPSS 0.55%
  • Veröffentlicht 20.02.2024 14:15:08
  • Zuletzt bearbeitet 27.03.2025 14:39:22

Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vu...

9.8

CVE-2024-1554

Exploit
  • EPSS 0.23%
  • Veröffentlicht 20.02.2024 14:15:08
  • Zuletzt bearbeitet 02.04.2025 20:12:24

The `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contain. Under the correct circumstances, an attacker may have been able to poison the local browser cache by pri...

6.1

CVE-2024-0953

Exploit
  • EPSS 0.14%
  • Veröffentlicht 05.02.2024 17:15:09
  • Zuletzt bearbeitet 21.11.2024 08:47:51

When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content. This vulnerability affects F...

6.5

CVE-2024-0741

  • EPSS 47.68%
  • Veröffentlicht 23.01.2024 14:15:38
  • Zuletzt bearbeitet 30.05.2025 15:15:29

An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

4.3

CVE-2024-0742

  • EPSS 0.75%
  • Veröffentlicht 23.01.2024 14:15:38
  • Zuletzt bearbeitet 30.05.2025 15:15:29

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and T...

7.5

CVE-2024-0743

  • EPSS 0.63%
  • Veröffentlicht 23.01.2024 14:15:38
  • Zuletzt bearbeitet 03.11.2025 22:16:34

An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.

7.5

CVE-2024-0744

  • EPSS 0.37%
  • Veröffentlicht 23.01.2024 14:15:38
  • Zuletzt bearbeitet 21.11.2024 08:47:16

In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.

8.8

CVE-2024-0745

  • EPSS 0.56%
  • Veröffentlicht 23.01.2024 14:15:38
  • Zuletzt bearbeitet 21.11.2024 08:47:16

The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.

6.5

CVE-2024-0746

  • EPSS 0.57%
  • Veröffentlicht 23.01.2024 14:15:38
  • Zuletzt bearbeitet 20.06.2025 19:15:29

A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.