|
196941
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
|
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary …
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2021-23997
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196942
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other att…
|
NVD-CWE-Other
|
CVE-2021-23996
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196943
|
8.8 |
HIGH
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulner…
|
CWE-672
Operation on a Resource after Expiration or Release
|
CVE-2021-23995
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196944
|
8.8 |
HIGH
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.
|
CWE-909
Missing Initialization of Resource
|
CVE-2021-23994
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196945
|
6.5 |
MEDIUM
Network
|
mozilla
|
thunderbird
|
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a correspondent. If an attacker creates a crafted OpenPGP key with a subkey that has an invalid self signature, …
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2021-23993
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196946
|
4.3 |
MEDIUM
Network
|
mozilla
|
thunderbird
|
Thunderbird did not check if the user ID associated with an OpenPGP key has a valid self signature. An attacker may create a crafted version of an OpenPGP key, by either replacing the original user I…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2021-23992
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196947
|
6.8 |
MEDIUM
Network
|
mozilla
|
thunderbird
|
If a Thunderbird user has previously imported Alice's OpenPGP key, and Alice has extended the validity period of her key, but Alice's updated key has not yet been imported, an attacker may send an em…
|
NVD-CWE-Other
|
CVE-2021-23991
|
2024-11-21 14:52 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196948
|
5.4 |
MEDIUM
Network
|
codecabin
|
wp_go_maps
|
The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site S…
|
CWE-79
Cross-site Scripting
|
CVE-2021-24383
|
2024-11-21 14:52 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196949
|
5.3 |
MEDIUM
Network
|
wphappycoders
|
comments_like_dislike
|
The Comments Like Dislike WordPress plugin before 1.1.4 allows users to like/dislike posted comments, however does not prevent them from replaying the AJAX request to add a like. This allows any user…
|
-
|
CVE-2021-24379
|
2024-11-21 14:52 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196950
|
4.8 |
MEDIUM
Network
|
autoptimize
|
autoptimize
|
The Autoptimize WordPress plugin before 2.7.8 does not check for malicious files such as .html in the archive uploaded via the 'Import Settings' feature. As a result, it is possible for a high privil…
|
-
|
CVE-2021-24378
|
2024-11-21 14:52 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
