Mozilla

Firefox

3102 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-4053

  • EPSS 0.15%
  • Veröffentlicht 01.08.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:18

A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 11...

5.3

CVE-2023-4045

  • EPSS 0.24%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115...

5.3

CVE-2023-4046

  • EPSS 0.21%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox...

8.8

CVE-2023-4047

  • EPSS 0.58%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

7.5

CVE-2023-4048

  • EPSS 0.31%
  • Veröffentlicht 01.08.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 08:34:17

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

6.5

CVE-2023-37456

  • EPSS 0.44%
  • Veröffentlicht 12.07.2023 14:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:44

The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115.

8.8

CVE-2023-3600

  • EPSS 0.19%
  • Veröffentlicht 12.07.2023 14:15:10
  • Zuletzt bearbeitet 18.12.2025 16:15:49

During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1.

5.4

CVE-2023-37455

  • EPSS 0.25%
  • Veröffentlicht 12.07.2023 14:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:44

The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab. This vulnerability affects Firefox for iOS < 115.

8.8

CVE-2023-37211

  • EPSS 0.5%
  • Veröffentlicht 05.07.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:12

Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This ...

8.8

CVE-2023-37212

  • EPSS 0.25%
  • Veröffentlicht 05.07.2023 10:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:12

Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.