mozilla
3,564 tracked vulnerabilities.
CVE-2025-13013
MEDIUM
Firefox < 145 - Firefox ESR < 140.5-115.30 - Mitigation Bypass
Nov 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-13012
HIGH
Firefox < 115.30.0, 115.30-115.*, 140.5-140.*, >=145 - Race Condition in Graphics Component
Nov 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-12380
CRITICAL
Firefox 142.0-144.0.1 - Use-After-Free via WebGPU IPC Calls
Oct 28, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11721
CRITICAL
Firefox 143 and Thunderbird 143 - Memory Corruption
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11720
HIGH
Firefox < 144.0 - User Interface Misrepresentation of Critical Information in Android Custom Tab
Oct 14, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-11719
CRITICAL
Firefox and Thunderbird 143.0-143.x - Use-After-Free via Native Messaging API
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11718
MEDIUM
Firefox < 144.0 - User Interface Misrepresentation via Fake Address Bar on Android
Oct 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11717
CRITICAL
Firefox < 144.0 - Password Screen Exposure via Android App Switcher
Oct 14, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-11716
MEDIUM
Firefox < 144.0 - Unauthenticated External App Launch via Sandboxed Iframe Links
Oct 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11715
HIGH
Firefox and Thunderbird < 144.0 - Memory Corruption
Oct 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-11714
HIGH
Firefox < 115.29.0 and 140.4-143 - Memory Corruption
Oct 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-11713
HIGH
Firefox <144, Firefox ESR <140.4, Thunderbird <144, Thunderbird <14...
Oct 14, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-11712
MEDIUM
Firefox < 144.0 and 140.4-140.* - Cross-Site Scripting via OBJECT Tag Type Attribute
Oct 14, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-11711
MEDIUM
Firefox <144 - XSS
Oct 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11710
CRITICAL
Mozilla Firefox < 115.29.0 - Information Disclosure
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11709
CRITICAL
Firefox < 115.29.0, 115.29-115.*, 140.4-140.*, >=144 - Out-of-bounds Write via WebGL Textures
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11708
CRITICAL
Firefox < 144.0 and 140.4-140.* - Use-After-Free in MediaTrackGraphImpl
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11153
HIGH
Firefox < 143.0.3 - Buffer Overflow
Sep 30, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11152
HIGH
Firefox < 143.0.3 - Buffer Overflow
Sep 30, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-10859
MEDIUM
Firefox for iOS < 143.1 - Info Disclosure
Sep 30, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-10537
HIGH
Firefox and Thunderbird < 143 - Memory Corruption
Sep 16, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-10536
MEDIUM
Firefox < 143.0 and < 140.3.0 - Information Disclosure in Networking Cache
Sep 16, 2025
CVSS 6.2
EPSS 0.00
CVE-2025-10535
HIGH
Firefox < 143.0 - Information Disclosure and Mitigation Bypass in Privacy Component
Sep 16, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-10534
HIGH
Firefox and Thunderbird < 143.0 - Spoofing via Site Permissions Component
Sep 16, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-10533
HIGH
Firefox < 115.28.0 and 140.3-143 - Integer Overflow in SVG Component
Sep 16, 2025
CVSS 8.8
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 18
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters