threat
engine
.sh
Back
·
··:··
Home
/
Product
/
mozilla focus
Product
mozilla focus
15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-29551
< 112.0
Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough
8.8
HIGH
CVE-2023-29550
< 112.0
Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we pr
8.8
HIGH
CVE-2023-29549
< 112.0
Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnera
6.5
MEDIUM
CVE-2023-29548
< 112.0
A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox
6.5
MEDIUM
CVE-2023-29547
< 112.0
When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it sho
6.5
MEDIUM
CVE-2023-29544
< 112.0
If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corrup
6.5
MEDIUM
CVE-2023-29543
< 112.0
An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's deb
8.8
HIGH
CVE-2023-29541
< 112.0
Firefox did not properly handle downloads of files ending in .desktop, which can be interpreted to run attacker-controlled command
8.8
HIGH
CVE-2023-29540
< 112.0
Using a redirect embedded into sourceMappingUrls could allow for navigation to external protocol links in sandboxed iframes withou
6.1
MEDIUM
CVE-2023-29539
< 112.0
When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained
8.8
HIGH
CVE-2023-29538
< 112.0
Under specific circumstances a WebExtension may have received a jar:file:/// URI instead of a moz-extension:/// URI during a load
4.3
MEDIUM
CVE-2023-29537
< 112.0
Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code.
7.5
HIGH
CVE-2023-29536
< 112.0
An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in a
8.8
HIGH
CVE-2023-29535
< 112.0
Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in mem
6.5
MEDIUM
CVE-2023-29533
< 112.0
A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name
4.3
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin