mozilla
3,564 tracked vulnerabilities.
CVE-2025-14330
CRITICAL
Firefox < 146.0 and 140.6-140.* - Memory Corruption in JIT Component
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14329
HIGH
Firefox < 146, Thunderbird < 140.6 - Privilege Escalation
Dec 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14328
HIGH
Firefox < 146, Thunderbird < 140.6 - Privilege Escalation
Dec 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14327
HIGH
Firefox < 146.0 and ESR 140.7 - Spoofing in Downloads Panel
Dec 09, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-14326
CRITICAL
Firefox < 146 - Thunderbird < 146 - Use After Free
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14325
HIGH
Firefox < 146.0 and 140.6-140.* - Type Confusion in JIT JavaScript Engine
Dec 09, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-14324
CRITICAL
Firefox < 115.31.0, 140.6-145.9, 146 - Remote Code Execution via JIT Miscompilation
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-14323
HIGH
Firefox < 115.31.0, 140.6-146.0 and Thunderbird < 140.6.0, 146.0 - Privilege Escalation in DOM Notifications
Dec 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-14322
HIGH
Firefox < 146 & Thunderbird < 140.6 - Sandbox Escape
Dec 09, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-14321
CRITICAL
Firefox < 146.0 and 140.6-140.* - Use-After-Free in WebRTC Signaling
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-66453
HIGH
Rhino <1.8.1, <1.7.15.1, <1.7.14.1 - DoS
Dec 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13027
HIGH
Firefox < 145 - Memory Corruption
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13026
CRITICAL
Firefox < 145.0 - Sandbox Escape via WebGPU Boundary Condition Mishandling
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13025
HIGH
Firefox < 145.0 - Incorrect Default Permissions in WebGPU Component
Nov 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13024
CRITICAL
Firefox < 145.0 - JIT Miscompilation in JavaScript Engine
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13023
CRITICAL
Firefox < 145.0 - Sandbox Escape via WebGPU Boundary Condition Mismanagement
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13022
CRITICAL
Firefox < 145.0 - Denial of Service in WebGPU Graphics Component
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13021
CRITICAL
Firefox < 145.0 - Denial of Service in WebGPU Graphics Component
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-13020
HIGH
Firefox < 145.0 and Firefox ESR < 140.5 - Use-After-Free in WebRTC Audio/Video Component
Nov 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13019
HIGH
Firefox < 140.5.0 and 140.5-140.* and < 145.0 and >=145 - Same-Origin Policy Bypass in DOM Workers
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13018
HIGH
Firefox < 145 - Firefox ESR < 140.5 - Thunderbird < 145 - Thunderbi...
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13017
HIGH
Firefox < 140.5.0 and 140.5-140.* and < 145.0 and >=145 - Same-Origin Policy Bypass via Notifications Component
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13016
HIGH
Firefox < 145 - Firefox ESR < 140.5 - Thunderbird < 145 - Thunderbi...
Nov 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13015
LOW
Firefox < 115.30.0, 115.30-115.*, <140.5, 140.5-140.*, >=145 - Authentication Bypass by Spoofing
Nov 11, 2025
CVSS 3.4
EPSS 0.00
CVE-2025-13014
HIGH
Firefox < 145.0 and ESR < 140.5 and ESR 115.30 - Use-After-Free in Audio/Video Component
Nov 11, 2025
CVSS 8.8
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 18
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters