CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 0CVE-2023-4056 – Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
https://notcve.org/view.php?id=CVE-2023-4056
01 Aug 2023 — Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. ... This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. Fallos de seguridad de memoria presentes en Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0 y Thunderbird 102.13. ... Esta vulnerabilidad afecta a versiones inferiores de Firefox 116, Firefox ESR... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4047 – Mozilla: Potential permissions request bypass via clickjacking
https://notcve.org/view.php?id=CVE-2023-4047
01 Aug 2023 — This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1. ... Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. • https://bugzilla.mozilla.org/show_bug.cgi?id=1839073 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-3600 – firefox: use-after-free in workers
https://notcve.org/view.php?id=CVE-2023-3600
12 Jul 2023 — This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1839703 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2023-37277 – XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API
https://notcve.org/view.php?id=CVE-2023-37277
10 Jul 2023 — For regular cookie-based authentication, the vulnerability is mitigated by SameSite cookie restrictions but as of March 2023, these are not enabled by default in Firefox and Safari. • https://github.com/xwiki/xwiki-platform/commit/4c175405faa0e62437df397811c7526dfc0fbae7 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37209 – Gentoo Linux Security Advisory 202401-10
https://notcve.org/view.php?id=CVE-2023-37209
05 Jul 2023 — This vulnerability affects Firefox < 115. Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1837993 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2023-37201 – Mozilla: Use-after-free in WebRTC certificate generation
https://notcve.org/view.php?id=CVE-2023-37201
05 Jul 2023 — This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. • https://bugzilla.mozilla.org/show_bug.cgi?id=1826002 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2023-37202 – Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey
https://notcve.org/view.php?id=CVE-2023-37202
05 Jul 2023 — This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. • https://bugzilla.mozilla.org/show_bug.cgi?id=1834711 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2023-37211 – Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13
https://notcve.org/view.php?id=CVE-2023-37211
05 Jul 2023 — Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. ... This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. The Mozilla Foundation Security Advisory describes this flaw as: Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. ... Multiple security issues were discovered in Firefox. ... Martin Hostettler discovered that Firefox did not properly blo... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37212 – Ubuntu Security Notice USN-6201-1
https://notcve.org/view.php?id=CVE-2023-37212
05 Jul 2023 — Memory safety bugs present in Firefox 114. ... This vulnerability affects Firefox < 115. Multiple security issues were discovered in Firefox. ... Martin Hostettler discovered that Firefox did not properly block storage of all cookies when configured. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1750870%2C1825552%2C1826206%2C1827076%2C1828690%2C1833503%2C1835710%2C1838587 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-25136
https://notcve.org/view.php?id=CVE-2019-25136
19 Jun 2023 — This vulnerability affects Firefox < 70. • https://bugzilla.mozilla.org/show_bug.cgi?id=1530709 •