Known Vulnerabilities for Firefox by Mozilla

Listed below are 10 of the newest known vulnerabilities associated with the software "Firefox" by "Mozilla".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-28795 A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a... Not Provided 2022-04-12 2022-04-12
CVE-2021-43527 NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-enco... Not Provided 2021-12-08 2022-04-20
CVE-2021-30117 The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parame... 9.8 - CRITICAL 2021-07-09 2022-04-04
CVE-2021-23961 Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an interna... 7.4 - HIGH 2021-02-26 2022-05-27
CVE-2021-23960 Performing garbage collection on re-declared JavaScript variables resulted in a user-after-poison, and a potentially exploita... 8.8 - HIGH 2021-02-26 2021-03-03
CVE-2021-23959 An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address ba... 6.1 - MEDIUM 2021-02-26 2021-03-03
CVE-2021-23958 The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended i... 6.5 - MEDIUM 2021-02-26 2021-03-03
CVE-2021-23957 Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. Note: This iss... 7.4 - HIGH 2021-02-26 2021-03-03
CVE-2021-23956 An ambiguous file picker design could have confused users who intended to select and upload a single file into uploading a wh... 6.5 - MEDIUM 2021-02-26 2021-03-03
CVE-2021-23955 The browser could have been confused into transferring a pointer lock state into another tab, which could have lead to clickj... 6.1 - MEDIUM 2021-02-26 2021-03-03

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationMozillaFirefox9.0.1AllAllAll
ApplicationMozillaFirefox9.0AllAllAll
ApplicationMozillaFirefox84.0AllAllAll
ApplicationMozillaFirefox84.0AllAllAll
ApplicationMozillaFirefox83.0AllAllAll
ApplicationMozillaFirefox82.0AllAllAll
ApplicationMozillaFirefox81.0AllAllAll
ApplicationMozillaFirefox80.0AllAllAll
ApplicationMozillaFirefox80.0AllAllAll
ApplicationMozillaFirefox80.0AllAllAll
ApplicationMozillaFirefox8.0.1AllAllAll
ApplicationMozillaFirefox8.0AllAllAll
ApplicationMozillaFirefox79.0AllAllAll
ApplicationMozillaFirefox78.0.2AllAllAll
ApplicationMozillaFirefox78.0.1AllAllAll
ApplicationMozillaFirefox78.0AllAllAll
ApplicationMozillaFirefox77.0.1AllAllAll
ApplicationMozillaFirefox77.0AllAllAll
ApplicationMozillaFirefox76.0.1AllAllAll
ApplicationMozillaFirefox76.0AllAllAll

Popular searches for Firefox

Mozilla Firefox Web browser developed by Mozilla Foundation

Firefox Browser, also known as Mozilla Firefox or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. Firefox uses the Gecko layout engine to render web pages, which implements current and anticipated web standards. In 2017, Firefox began incorporating new technology under the code name Quantum to promote parallelism and a more intuitive user interface.

© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report