Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mozilla:firefox_esr:91.13:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-3266 |
An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. Published: December 22, 2022; 3:15:38 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-38477 |
Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104. Published: December 22, 2022; 3:15:37 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-38476 |
A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2. Published: December 22, 2022; 3:15:37 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-36319 |
When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Published: December 22, 2022; 3:15:35 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2022-36318 |
When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. Published: December 22, 2022; 3:15:35 PM -0500 |
V4.0:(not available) V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2022-36314 |
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. Published: December 22, 2022; 3:15:34 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-2505 |
Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.1, Firefox < 103, and Thunderbird < 102.1. Published: December 22, 2022; 3:15:27 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |