Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Workstation Extension 15 SP5 package MozillaThunderbird, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (179)
CVE-2024-8381 — CVSS 9.8 (critical): A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with`…
CVE-2024-6602 — CVSS 9.8 (critical): A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR <…
CVE-2023-34416 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory…
CVE-2024-9401 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence…
CVE-2024-11698 — CVSS 9.8 (critical): A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal…
CVE-2024-9392 — CVSS 9.8 (critical): A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131…
CVE-2024-8387 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory…
CVE-2024-9402 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory…
CVE-2023-4056 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these…
CVE-2023-5168 — CVSS 9.8 (critical): A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a…
CVE-2023-4057 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory…
CVE-2024-11693 — CVSS 9.8 (critical): The executable file warning was not presented when downloading .library-ms files. *Note: This issue only affected Windows operating…
CVE-2023-5174 — CVSS 9.8 (critical): If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting…
CVE-2023-5176 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory…
CVE-2024-8385 — CVSS 9.8 (critical): A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability…
CVE-2024-8384 — CVSS 9.8 (critical): The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two…
CVE-2024-6611 — CVSS 9.8 (critical): A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128…
CVE-2024-3863 — CVSS 9.8 (critical): The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems…
CVE-2023-5730 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory…
CVE-2024-7519 — CVSS 9.6 (critical): Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to…
CVE-2024-6607 — CVSS 8.8 (high): It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a…
CVE-2023-6212 — CVSS 8.8 (high): Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory…
CVE-2023-3600 — CVSS 8.8 (high): During the worker lifecycle, a use-after-free condition could have occurred, which could have led to a potentially exploitable crash. This…
CVE-2024-11699 — CVSS 8.8 (high): Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory…
CVE-2024-11697 — CVSS 8.8 (high): When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation…
CVE-2024-9396 — CVSS 8.8 (high): It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to…
CVE-2024-10467 — CVSS 8.8 (high): Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory…
CVE-2024-11691 — CVSS 8.8 (high): Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in…
CVE-2024-8382 — CVSS 8.8 (high): Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web…
CVE-2024-7528 — CVSS 8.8 (high): Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox…
CVE-2024-7527 — CVSS 8.8 (high): Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR…
CVE-2023-4582 — CVSS 8.8 (high): Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occurred when allocating too much…
CVE-2023-4584 — CVSS 8.8 (high): Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these…
CVE-2023-4585 — CVSS 8.8 (high): Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory…
CVE-2024-7522 — CVSS 8.8 (high): Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129…
CVE-2024-7521 — CVSS 8.8 (high): Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR <…
CVE-2024-7520 — CVSS 8.8 (high): A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects…
CVE-2024-6615 — CVSS 8.8 (high): Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2023-4047 — CVSS 8.8 (high): A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This…
CVE-2024-6609 — CVSS 8.8 (high): When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox <…
CVE-2023-6858 — CVSS 8.8 (high): Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox…
CVE-2023-6859 — CVSS 8.8 (high): A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6…
CVE-2023-6861 — CVSS 8.8 (high): The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects…
CVE-2023-6862 — CVSS 8.8 (high): A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability…
CVE-2023-6863 — CVSS 8.8 (high): The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual…
CVE-2023-6864 — CVSS 8.8 (high): Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory…
CVE-2024-9400 — CVSS 8.8 (high): A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during…
CVE-2024-3854 — CVSS 8.8 (high): In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability…
CVE-2024-2614 — CVSS 8.8 (high): Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory…
CVE-2024-0750 — CVSS 8.8 (high): A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This…
CVE-2024-0751 — CVSS 8.8 (high): A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7…
CVE-2024-4777 — CVSS 8.8 (high): Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory…
CVE-2023-6207 — CVSS 8.8 (high): Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and…
CVE-2023-6208 — CVSS 8.8 (high): When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage…
CVE-2024-4770 — CVSS 8.8 (high): When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox <…
CVE-2024-0755 — CVSS 8.8 (high): Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory…
CVE-2023-6856 — CVSS 8.8 (high): The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue…
CVE-2024-4367 — CVSS 8.8 (high): A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This…
CVE-2024-5696 — CVSS 8.6 (high): By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable…
CVE-2023-4576 — CVSS 8.6 (high): On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking…
CVE-2024-2608 — CVSS 8.4 (high): `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer…
CVE-2024-6606 — CVSS 8.2 (high): Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects…
CVE-2024-2607 — CVSS 8.1 (high): Return registers were overwritten which could have allowed an attacker to execute arbitrary code. *Note:* This issue only affected Armv7-A…
CVE-2024-2612 — CVSS 8.1 (high): If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be…
CVE-2024-3864 — CVSS 8.1 (high): Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we…
CVE-2024-7525 — CVSS 8.1 (high): It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response…
CVE-2024-1553 — CVSS 8.1 (high): Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory…
CVE-2024-5688 — CVSS 8.1 (high): If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability…
CVE-2024-3857 — CVSS 7.8 (high): The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This…
CVE-2023-3417 — CVSS 7.5 (high): Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a…
CVE-2023-4048 — CVSS 7.5 (high): An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability…
CVE-2023-4050 — CVSS 7.5 (high): In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable…
CVE-2023-4051 — CVSS 7.5 (high): A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and…
CVE-2023-4055 — CVSS 7.5 (high): When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent…
CVE-2023-4583 — CVSS 7.5 (high): When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to…
CVE-2023-5724 — CVSS 7.5 (high): Drivers are not always robust to extremely large draw calls and in some cases this scenario could have led to a crash. This vulnerability…
CVE-2023-5728 — CVSS 7.5 (high): During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable…
CVE-2024-0743 — CVSS 7.5 (high): An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox <…
CVE-2024-10458 — CVSS 7.5 (high): A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects…
CVE-2024-10459 — CVSS 7.5 (high): An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This…
CVE-2024-10466 — CVSS 7.5 (high): By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become…
CVE-2024-1546 — CVSS 7.5 (high): When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds…
CVE-2024-1552 — CVSS 7.5 (high): Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects…
CVE-2024-1936 — CVSS 7.5 (high): The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in…
CVE-2024-34703 — CVSS 7.5 (high): Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit…
CVE-2024-3852 — CVSS 7.5 (high): GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125…
CVE-2024-5702 — CVSS 7.5 (high): Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125…
CVE-2024-6604 — CVSS 7.5 (high): Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory…
CVE-2024-8900 — CVSS 7.5 (high): An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This…
CVE-2024-9393 — CVSS 7.5 (high): An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This…
CVE-2024-9394 — CVSS 7.5 (high): An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This…
CVE-2024-9399 — CVSS 7.5 (high): A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service…
CVE-2024-6603 — CVSS 7.4 (high): In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory…
CVE-2024-5700 — CVSS 7.0 (high): Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory…
CVE-2023-4578 — CVSS 6.5 (medium): When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path…
CVE-2024-0753 — CVSS 6.5 (medium): In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR…
CVE-2024-0747 — CVSS 6.5 (medium): When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child…
CVE-2023-4052 — CVSS 6.5 (medium): The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be…
CVE-2024-0746 — CVSS 6.5 (medium): A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR…
CVE-2024-0741 — CVSS 6.5 (medium): An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This…
CVE-2023-6860 — CVSS 6.5 (medium): The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This…
CVE-2023-6209 — CVSS 6.5 (medium): Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override…
CVE-2023-6205 — CVSS 6.5 (medium): It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable…
CVE-2024-5692 — CVSS 6.5 (medium): On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed…
CVE-2023-6204 — CVSS 6.5 (medium): On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into…
CVE-2023-5732 — CVSS 6.5 (medium): An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This…
CVE-2023-5727 — CVSS 6.5 (medium): The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on…
CVE-2023-5388 — CVSS 6.5 (medium): NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to…
CVE-2024-7518 — CVSS 6.5 (medium): Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This…
CVE-2023-5171 — CVSS 6.5 (medium): During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL…
CVE-2023-5169 — CVSS 6.5 (medium): A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a…
CVE-2024-7526 — CVSS 6.5 (medium): ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from…
CVE-2023-4580 — CVSS 6.5 (medium): Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information…
CVE-2024-7529 — CVSS 6.5 (medium): The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions…
CVE-2023-4577 — CVSS 6.5 (medium): When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the…
CVE-2023-4575 — CVSS 6.5 (medium): When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and…
CVE-2023-4574 — CVSS 6.5 (medium): When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and…
CVE-2023-4573 — CVSS 6.5 (medium): When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free…
CVE-2024-8394 — CVSS 6.5 (medium): When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially…
CVE-2024-10465 — CVSS 6.5 (medium): A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR…
CVE-2024-10464 — CVSS 6.5 (medium): Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was…
CVE-2024-10463 — CVSS 6.5 (medium): Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4…
CVE-2024-10462 — CVSS 6.5 (medium): Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR <…
CVE-2023-4053 — CVSS 6.5 (medium): A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto…
CVE-2024-1547 — CVSS 6.5 (medium): Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website (with the…
CVE-2024-6600 — CVSS 6.3 (medium): Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than…
CVE-2024-1549 — CVSS 6.1 (medium): If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in…
CVE-2024-11694 — CVSS 6.1 (medium): Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google…
CVE-2024-9397 — CVSS 6.1 (medium): A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via…
CVE-2024-8386 — CVSS 6.1 (medium): If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform…
CVE-2024-5693 — CVSS 6.1 (medium): Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of…
CVE-2024-4768 — CVSS 6.1 (medium): A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This…
CVE-2024-1550 — CVSS 6.1 (medium): A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be…
CVE-2024-1551 — CVSS 6.1 (medium): Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type…
CVE-2024-10461 — CVSS 6.1 (medium): In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a…
CVE-2024-2609 — CVSS 6.1 (medium): The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious…
CVE-2024-2610 — CVSS 6.1 (medium): Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies…
CVE-2024-2605 — CVSS 5.9 (medium): An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue…
CVE-2023-4049 — CVSS 5.9 (medium): Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable…
CVE-2024-3859 — CVSS 5.9 (medium): On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed…
CVE-2024-4769 — CVSS 5.9 (medium): When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and…
CVE-2023-4054 — CVSS 5.5 (medium): When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. *This bug only affects Firefox on…
CVE-2024-6613 — CVSS 5.5 (medium): The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability…
CVE-2024-2611 — CVSS 5.5 (medium): A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This…
CVE-2023-6206 — CVSS 5.4 (medium): The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was…
CVE-2024-11695 — CVSS 5.4 (medium): A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential…
CVE-2024-11696 — CVSS 5.4 (medium): The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This…
CVE-2023-4045 — CVSS 5.3 (medium): Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in…
CVE-2024-10460 — CVSS 5.3 (medium): The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects…
CVE-2024-9398 — CVSS 5.3 (medium): By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application…
CVE-2024-6612 — CVSS 5.3 (medium): CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch…
CVE-2024-50336: matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side…
CVE-2023-4046 — CVSS 5.3 (medium): In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect…
CVE-2023-6857 — CVSS 5.3 (medium): When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only…
CVE-2024-5691 — CVSS 4.7 (medium): By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would…
CVE-2024-6601 — CVSS 4.7 (medium): A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox <…
CVE-2024-4767 — CVSS 4.3 (medium): If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed…
CVE-2024-1548 — CVSS 4.3 (medium): A website could have obscured the fullscreen notification by using a dropdown select input element. This could have led to user confusion…
CVE-2024-11159 — CVSS 4.3 (medium): Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird <…
CVE-2023-5726 — CVSS 4.3 (medium): A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and…
CVE-2024-6608 — CVSS 4.3 (medium): It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox…
CVE-2023-5725 — CVSS 4.3 (medium): A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive…
CVE-2024-6610 — CVSS 4.3 (medium): Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from…
CVE-2023-5721 — CVSS 4.3 (medium): It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient…
CVE-2024-6614 — CVSS 4.3 (medium): The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability…
CVE-2024-11692 — CVSS 4.3 (medium): An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing…
CVE-2024-0749 — CVSS 4.3 (medium): A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This…
CVE-2024-0742 — CVSS 4.3 (medium): It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect…
CVE-2023-50762 — CVSS 4.3 (medium): When processing a PGP/MIME payload that contains digitally signed text, the first paragraph of the text was never shown to the user. This…
CVE-2023-50761 — CVSS 4.3 (medium): The signature of a digitally signed S/MIME email message may optionally specify the signature creation date and time. If present…
CVE-2024-5690 — CVSS 4.3 (medium): By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's…
CVE-2023-4581 — CVSS 4.3 (medium): Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any…
CVE-2024-3861 — CVSS 4.0 (medium): If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later…
CVE-2024-3302 — CVSS 3.7 (low): There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of…
CVE-2023-34414 — CVSS 3.1 (low): The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission…
CVE-2024-2616 — CVSS 2.7 (low): To harden ICU against exploitation, the behavior for out-of-memory conditions was changed to crash instead of attempt to continue. This…