Mozilla : Security Vulnerabilities, CVEs, (Memory corruption)
Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125.
Max CVSS
N/A
EPSS Score
N/A
Published
2024-04-16
Updated
2024-04-16
Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
Max CVSS
N/A
EPSS Score
N/A
Published
2024-04-16
Updated
2024-04-16
If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
Max CVSS
N/A
EPSS Score
N/A
Published
2024-04-16
Updated
2024-04-16
The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125 and Firefox ESR < 115.10.
Max CVSS
N/A
EPSS Score
N/A
Published
2024-04-16
Updated
2024-04-16
A use-after-free could occur during WASM execution if garbage collection ran during the creation of an array. This vulnerability affects Firefox < 125.
Max CVSS
N/A
EPSS Score
N/A
Published
2024-04-16
Updated
2024-04-16
A use-after-free could result if a JavaScript realm was in the process of being initialized when a garbage collection started. This vulnerability affects Firefox < 125.
Max CVSS
N/A
EPSS Score
N/A
Published
2024-04-16
Updated
2024-04-16
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-19
Updated
2024-03-19
Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-19
Updated
2024-03-25
Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-02-20
Updated
2024-02-20
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-20
Updated
2024-03-04
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Max CVSS
8.8
EPSS Score
0.07%
Published
2024-01-23
Updated
2024-02-02
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.
Max CVSS
6.5
EPSS Score
0.05%
Published
2024-01-23
Updated
2024-01-30
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.
Max CVSS
8.8
EPSS Score
0.09%
Published
2024-01-23
Updated
2024-01-30
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Max CVSS
6.5
EPSS Score
0.06%
Published
2024-01-23
Updated
2024-02-02
Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.
Max CVSS
8.8
EPSS Score
0.07%
Published
2023-07-05
Updated
2024-01-07
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Max CVSS
8.8
EPSS Score
0.11%
Published
2023-07-05
Updated
2023-07-12
A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115.
Max CVSS
8.8
EPSS Score
0.07%
Published
2023-07-05
Updated
2024-01-07
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Max CVSS
8.8
EPSS Score
0.11%
Published
2023-07-05
Updated
2023-07-12
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.
Max CVSS
8.8
EPSS Score
0.11%
Published
2023-07-05
Updated
2023-07-12
Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 114.
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-06-19
Updated
2024-01-07
Memory safety bugs present in Firefox 113, Firefox ESR 102.11, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.12, Firefox < 114, and Thunderbird < 102.12.
Max CVSS
9.8
EPSS Score
0.10%
Published
2023-06-19
Updated
2024-01-07
Memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113.
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-06-19
Updated
2024-01-07
Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Max CVSS
8.8
EPSS Score
0.08%
Published
2023-06-02
Updated
2024-01-07
A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox < 113.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-06-19
Updated
2024-01-07
Mozilla developers Randell Jesup, Andrew McCreight, Gabriele Svelto, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Max CVSS
8.8
EPSS Score
0.09%
Published
2023-06-02
Updated
2023-06-09