CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-4774 – Gentoo Linux Security Advisory 202408-02
https://notcve.org/view.php?id=CVE-2024-4774
14 May 2024 — This vulnerability affects Firefox < 126. ... Esta vulnerabilidad afecta a Firefox < 126. USN-6779-1 fixed vulnerabilities in Firefox. ... Multiple security issues were discovered in Firefox. ... Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. • https://bugzilla.mozilla.org/show_bug.cgi?id=1886598 • CWE-758: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-4772 – Gentoo Linux Security Advisory 202408-02
https://notcve.org/view.php?id=CVE-2024-4772
14 May 2024 — This vulnerability affects Firefox < 126. ... Esta vulnerabilidad afecta a Firefox < 126. Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1870579 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-4764 – Gentoo Linux Security Advisory 202408-02
https://notcve.org/view.php?id=CVE-2024-4764
14 May 2024 — This vulnerability affects Firefox < 126. ... Esta vulnerabilidad afecta a Firefox < 126. USN-6779-1 fixed vulnerabilities in Firefox. ... Multiple security issues were discovered in Firefox. ... Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. • https://bugzilla.mozilla.org/show_bug.cgi?id=1879093 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2024-4770 – Mozilla: Use-after-free could occur when printing to PDF
https://notcve.org/view.php?id=CVE-2024-4770
14 May 2024 — This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. ... Esta vulnerabilidad afecta a Firefox < 126, Firefox ESR < 115.11 y Thunderbird < 115.11. ... USN-6779-1 fixed vulnerabilities in Firefox. ... Multiple security issues were discovered in Firefox. ... Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. • https://bugzilla.mozilla.org/show_bug.cgi?id=1893270 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 49%CPEs: 1EXPL: 14CVE-2024-4367 – PDF.js < 4.2.67 - Arbitrary JavaScript Execution
https://notcve.org/view.php?id=CVE-2024-4367
14 May 2024 — This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. ... Esta vulnerabilidad afecta a Firefox < 126, Firefox ESR < 115.11 y Thunderbird < 115.11. ... USN-6779-1 fixed vulnerabilities in Firefox. ... Multiple security issues were discovered in Firefox. ... Thomas Rinsma discovered that Firefox did not properly handle type check when handling fonts in PDF.js. • https://github.com/snyk-labs/pdfjs-vuln-demo • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32986 – Arbitrary code execution due to improper sanitization of web app properties in PWAsForFirefox
https://notcve.org/view.php?id=CVE-2024-32986
03 May 2024 — PWAsForFirefox is a tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox. ... PWAsForFirefox es una herramienta para instalar, administrar y utilizar aplicaciones web progresivas (PWA) en Mozilla Firefox. • https://github.com/filips123/PWAsForFirefox/commit/9932d4b289631d447f88ace09a2fabafe4cd5bd5 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •
CVSS: 10.0EPSS: 0%CPEs: 17EXPL: 0CVE-2024-3863
https://notcve.org/view.php?id=CVE-2024-3863
16 Apr 2024 — .* This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. ... Otros sistemas operativos no se ven afectados.* Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. • https://bugzilla.mozilla.org/show_bug.cgi?id=1885855 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-3855 – Gentoo Linux Security Advisory 202408-02
https://notcve.org/view.php?id=CVE-2024-3855
16 Apr 2024 — This vulnerability affects Firefox < 125. ... Esta vulnerabilidad afecta a Firefox < 125. Multiple security issues were discovered in Firefox. ... Bartek Nowotarski discovered that Firefox did not properly limit HTTP/2 CONTINUATION frames. • https://bugzilla.mozilla.org/show_bug.cgi?id=1885828 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2024-29944 – Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2024-29944
22 Mar 2024 — Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1. ... Nota: Esta vulnerabilidad afecta únicamente a Firefox de escritorio, no afecta a las versiones móviles de Firefox. Esta vulnerabilidad afecta a Firefox < 124.0.1 y Firefox ESR < 115.9.1. ... USN-6710-1 fixed vulnerabilities in Firefox. • http://www.openwall.com/lists/oss-security/2024/03/23/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-830: Inclusion of Web Functionality from an Untrusted Source •
CVSS: 9.8EPSS: 24%CPEs: 3EXPL: 2CVE-2024-29943 – Mozilla Firefox SpiderMonkey JIT Compiler Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-29943
22 Mar 2024 — This vulnerability affects Firefox < 124.0.1. ... Esta vulnerabilidad afecta a Firefox < 124.0.1. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mozilla Firefox. ... USN-6710-1 fixed vulnerabilities in Firefox. ... Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. • https://packetstorm.news/files/id/188835 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •