CVE-2024-43498 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43498
12 Nov 2024 — An update for firefox is now available for Red Hat Enterprise Linux 9. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43498 • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-10474
https://notcve.org/view.php?id=CVE-2024-10474
29 Oct 2024 — Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks. This vulnerability affects Focus for iOS < 132. • https://bugzilla.mozilla.org/show_bug.cgi?id=1863832 •
CVE-2024-10468 – Gentoo Linux Security Advisory 202412-06
https://notcve.org/view.php?id=CVE-2024-10468
29 Oct 2024 — This vulnerability affects Firefox < 132 and Thunderbird < 132. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1914982 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2024-10467 – firefox: thunderbird: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4
https://notcve.org/view.php?id=CVE-2024-10467
29 Oct 2024 — Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. ... This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132. ... The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. ... Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVE-2024-10458 – firefox: thunderbird: Permission leak via embed or object elements
https://notcve.org/view.php?id=CVE-2024-10458
29 Oct 2024 — This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, Thunderbird < 128.4, and Thunderbird < 132. • https://bugzilla.mozilla.org/show_bug.cgi?id=1921733 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-281: Improper Preservation of Permissions •
CVE-2024-10004
https://notcve.org/view.php?id=CVE-2024-10004
15 Oct 2024 — Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly. This vulnerability affects Firefox for iOS < 131.2. • https://bugzilla.mozilla.org/show_bug.cgi?id=1904885 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVE-2024-9680 – Mozilla Firefox Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-9680
09 Oct 2024 — This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, and Firefox ESR < 115.16.1. ... This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0. A remote code execution vulnerability was found in Firefox and Thunderbird. ... Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that al... • https://github.com/tdonaworth/Firefox-CVE-2024-9680 • CWE-416: Use After Free •
CVE-2024-9395 – Gentoo Linux Security Advisory 202412-06
https://notcve.org/view.php?id=CVE-2024-9395
01 Oct 2024 — A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131. • https://bugzilla.mozilla.org/show_bug.cgi?id=1906024 •
CVE-2024-9402 – firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
https://notcve.org/view.php?id=CVE-2024-9402
01 Oct 2024 — Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. ... This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. ... The Mozilla Foundation's Security Advisory describes the issue as follows: Memory safety bugs are present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. ... Multiple security issues were discovered in Firefox. ... Masato Kinugawa discovered that Fir... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1913445%2C1914106%2C1914475%2C1914963%2C1915008%2C1916476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-9401 – firefox: thunderbird: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
https://notcve.org/view.php?id=CVE-2024-9401
01 Oct 2024 — Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. ... This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. The Mozilla Foundation's Security Advisory: Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. ... Multiple security issues were discovered in Firefox... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1872744%2C1897792%2C1911317%2C1916476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •