Mozilla

Firefox

2920 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2023-4046

  • EPSS 0.3%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox...

8.8

CVE-2023-4047

  • EPSS 0.4%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

7.5

CVE-2023-4048

  • EPSS 0.35%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

6.5

CVE-2023-37456

  • EPSS 0.59%
  • Veröffentlicht 12.07.2023 14:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:44

The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.

8.8

CVE-2023-3600

  • EPSS 0.18%
  • Veröffentlicht 12.07.2023 14:15:10
  • Zuletzt bearbeitet 18.12.2025 16:15:49

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.

5.4

CVE-2023-37455

  • EPSS 0.19%
  • Veröffentlicht 12.07.2023 14:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:44

The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.

8.8

CVE-2023-37211

  • EPSS 0.43%
  • Veröffentlicht 05.07.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:12

Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This ...

8.8

CVE-2023-37212

  • EPSS 0.25%
  • Veröffentlicht 05.07.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:12

Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.

6.5

CVE-2023-3482

  • EPSS 0.2%
  • Veröffentlicht 05.07.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 08:17:21

When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. Thi...

7.8

CVE-2023-37203

  • EPSS 0.05%
  • Veröffentlicht 05.07.2023 10:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:11

Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This v...