CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9401 – firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
https://notcve.org/view.php?id=CVE-2024-9401
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. ... This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. The Mozilla Foundation's Security Advisory: Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-48 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://access.redhat.com/security/cve/CVE-2024-9401 https://bugzilla.redhat.com/show_bug.cgi?id=2315950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9392 – firefox: thunderbird: Compromised content process can bypass site isolation
https://notcve.org/view.php?id=CVE-2024-9392
This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. • https://bugzilla.mozilla.org/show_bug.cgi?id=1905843 https://www.mozilla.org/security/advisories/mfsa2024-46 https://www.mozilla.org/security/advisories/mfsa2024-47 https://www.mozilla.org/security/advisories/mfsa2024-48 https://www.mozilla.org/security/advisories/mfsa2024-49 https://www.mozilla.org/security/advisories/mfsa2024-50 https://bugzilla.mozilla.org/show_bug.cgi?id=1899154 https://access.redhat.com/security/cve/CVE-2024-9392 https://bugzilla.redhat.com/show_bug.cgi?id=231595 • CWE-346: Origin Validation Error •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8389
https://notcve.org/view.php?id=CVE-2024-8389
Memory safety bugs present in Firefox 129. ... This vulnerability affects Firefox < 130. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1907230%2C1909367 https://www.mozilla.org/security/advisories/mfsa2024-39 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8387 – mozilla: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2
https://notcve.org/view.php?id=CVE-2024-8387
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. ... This vulnerability affects Firefox < 130 and Firefox ESR < 128.2. Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. ... This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. The Mozilla Foundation's Security Advisory: Memory safety bugs are present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1857607%2C1911858%2C1914009 https://www.mozilla.org/security/advisories/mfsa2024-39 https://www.mozilla.org/security/advisories/mfsa2024-40 https://www.mozilla.org/security/advisories/mfsa2024-43 https://access.redhat.com/security/cve/CVE-2024-8387 https://bugzilla.redhat.com/show_bug.cgi?id=2309433 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8385 – mozilla: WASM type confusion involving ArrayTypes
https://notcve.org/view.php?id=CVE-2024-8385
This vulnerability affects Firefox < 130 and Firefox ESR < 128.2. ... This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=1911909 https://www.mozilla.org/security/advisories/mfsa2024-39 https://www.mozilla.org/security/advisories/mfsa2024-40 https://www.mozilla.org/security/advisories/mfsa2024-43 https://access.redhat.com/security/cve/CVE-2024-8385 https://bugzilla.redhat.com/show_bug.cgi?id=2309431 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •