CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29534
https://notcve.org/view.php?id=CVE-2023-29534
Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112. • https://bugzilla.mozilla.org/show_bug.cgi?id=1816007 https://bugzilla.mozilla.org/show_bug.cgi?id=1816059 https://bugzilla.mozilla.org/show_bug.cgi?id=1821155 https://bugzilla.mozilla.org/show_bug.cgi?id=1821576 https://bugzilla.mozilla.org/show_bug.cgi? •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-29542
https://notcve.org/view.php?id=CVE-2023-29542
This could have led to accidental execution of malicious code. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. • https://bugzilla.mozilla.org/show_bug.cgi?id=1810793 https://bugzilla.mozilla.org/show_bug.cgi?id=1815062 https://www.mozilla.org/security/advisories/mfsa2023-13 https://www.mozilla.org/security/advisories/mfsa2023-14 https://www.mozilla.org/security/advisories/mfsa2023-15 •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-29531
https://notcve.org/view.php?id=CVE-2023-29531
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10. • https://bugzilla.mozilla.org/show_bug.cgi?id=1794292 https://www.mozilla.org/security/advisories/mfsa2023-13 https://www.mozilla.org/security/advisories/mfsa2023-14 https://www.mozilla.org/security/advisories/mfsa2023-15 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32216
https://notcve.org/view.php?id=CVE-2023-32216
Memory safety bugs present in Firefox 112. ... This vulnerability affects Firefox < 113. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746479%2C1806852%2C1815987%2C1820359%2C1823568%2C1824803%2C1824834%2C1825170%2C1827020%2C1828130 https://security.gentoo.org/glsa/202401-10 https://www.mozilla.org/security/advisories/mfsa2023-16 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34416 – Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
https://notcve.org/view.php?id=CVE-2023-34416
Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. ... This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12. The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers and community members Gabriele Svelto, Andrew McCreight, the Mozilla Fuzzing Team, Sean Feng, and Sebastian Hengst reported memory safety bugs present in Firefox 113 and Firefox ESR 102.11. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1752703%2C1818394%2C1826875%2C1827340%2C1827655%2C1828065%2C1830190%2C1830206%2C1830795%2C1833339 https://security.gentoo.org/glsa/202312-03 https://security.gentoo.org/glsa/202401-10 https://www.mozilla.org/security/advisories/mfsa2023-19 https://www.mozilla.org/security/advisories/mfsa2023-20 https://www.mozilla.org/security/advisories/mfsa2023-21 https://access.redhat.com/security/cve/CVE-2023-34416 https://bugzilla.redhat.com/show_bug.cgi?id=2212842 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •