Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MozillaFirefox Esr

65 matches found

CVE
CVEadded 2021/01/07 2:15 p.m.197 views

CVE-2020-26973

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR

8.8CVSS8.1AI score0.0019EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.195 views

CVE-2021-38506

Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR

4.3CVSS6AI score0.00207EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.194 views

CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox

6.5CVSS7.3AI score0.00422EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.193 views

CVE-2021-38509

Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR

4.3CVSS6.1AI score0.00477EPSS
CVE
CVEadded 2021/11/03 1:15 a.m.192 views

CVE-2021-38495

Mozilla developers reported memory safety bugs present in Thunderbird 78.13.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.1 and Firefox E...

8.8CVSS9.5AI score0.00284EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.189 views

CVE-2021-43545

Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox

6.5CVSS7.3AI score0.00172EPSS
CVE
CVEadded 2021/01/07 2:15 p.m.188 views

CVE-2020-35112

If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. Note: ...

8.8CVSS7.9AI score0.00532EPSS
CVE
CVEadded 2021/11/03 1:15 a.m.166 views

CVE-2021-38501

Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 93, Thunde...

8.8CVSS9.6AI score0.00648EPSS
CVE
CVEadded 2021/11/03 1:15 a.m.165 views

CVE-2021-38498

During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR

7.5CVSS8.2AI score0.00523EPSS
CVE
CVEadded 2021/11/03 1:15 a.m.155 views

CVE-2021-38492

When delegating navigations to the operating system, Firefox would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode. This bug only affects Firefox for Windows. Other operating systems are unaffected. . This vulnerability ...

6.5CVSS6.5AI score0.0025EPSS
CVE
CVEadded 2021/11/03 1:15 a.m.153 views

CVE-2021-38497

Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. This vulnerability affects Firefox < 93, Thunderbird < 91.2, and Firefox ESR

6.5CVSS7.1AI score0.00198EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.145 views

CVE-2021-43535

A use-after-free could have occured when an HTTP2 session object was released on a different thread, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 93, Thunderbird < 91.3, and Firefox ESR

8.8CVSS8.8AI score0.0136EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.141 views

CVE-2021-43534

Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects F...

8.8CVSS9.4AI score0.01788EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.128 views

CVE-2021-38510

The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected. . This vulnerability affects Firefox < 94, Thunder...

8.8CVSS8.3AI score0.0047EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.122 views

CVE-2021-38505

Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must ...

6.5CVSS6.7AI score0.00444EPSS
Total number of security vulnerabilities65