mozilla

3,619 tracked vulnerabilities.

CVE-2025-13018 HIGH
Firefox < 145 - Firefox ESR < 140.5 - Thunderbird < 145 - Thunderbi...
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13017 HIGH
Firefox < 140.5.0 and 140.5-140.* and < 145.0 and >=145 - Same-Origin Policy Bypass via Notifications Component
Nov 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-13016 HIGH
Firefox < 145 - Firefox ESR < 140.5 - Thunderbird < 145 - Thunderbi...
Nov 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-13015 LOW
Firefox < 115.30.0, 115.30-115.*, <140.5, 140.5-140.*, >=145 - Authentication Bypass by Spoofing
Nov 11, 2025
CVSS 3.4
EPSS 0.00
CVE-2025-13014 HIGH
Firefox < 145.0 and ESR < 140.5 and ESR 115.30 - Use-After-Free in Audio/Video Component
Nov 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-13013 MEDIUM
Firefox < 145 - Firefox ESR < 140.5-115.30 - Mitigation Bypass
Nov 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-13012 HIGH
Firefox < 115.30.0, 115.30-115.*, 140.5-140.*, >=145 - Race Condition in Graphics Component
Nov 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-12380 CRITICAL
Firefox 142.0-144.0.1 - Use-After-Free via WebGPU IPC Calls
Oct 28, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11721 CRITICAL
Firefox 143 and Thunderbird 143 - Memory Corruption
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11720 HIGH
Firefox < 144.0 - User Interface Misrepresentation of Critical Information in Android Custom Tab
Oct 14, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-11719 CRITICAL
Firefox and Thunderbird 143.0-143.x - Use-After-Free via Native Messaging API
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11718 MEDIUM
Firefox < 144.0 - User Interface Misrepresentation via Fake Address Bar on Android
Oct 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11717 CRITICAL
Firefox < 144.0 - Password Screen Exposure via Android App Switcher
Oct 14, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-11716 MEDIUM
Firefox < 144.0 - Unauthenticated External App Launch via Sandboxed Iframe Links
Oct 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11715 HIGH
Firefox and Thunderbird < 144.0 - Memory Corruption
Oct 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-11714 HIGH
Firefox < 115.29.0 and 140.4-143 - Memory Corruption
Oct 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-11713 HIGH
Firefox <144, Firefox ESR <140.4, Thunderbird <144, Thunderbird <14...
Oct 14, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-11712 MEDIUM
Firefox < 144.0 and 140.4-140.* - Cross-Site Scripting via OBJECT Tag Type Attribute
Oct 14, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-11711 MEDIUM
Firefox <144 - XSS
Oct 14, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-11710 CRITICAL
Mozilla Firefox < 115.29.0 - Information Disclosure
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11709 CRITICAL
Firefox < 115.29.0, 115.29-115.*, 140.4-140.*, >=144 - Out-of-bounds Write via WebGL Textures
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11708 CRITICAL
Firefox < 144.0 and 140.4-140.* - Use-After-Free in MediaTrackGraphImpl
Oct 14, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-11153 HIGH
Firefox < 143.0.3 - Buffer Overflow
Sep 30, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-11152 HIGH
Firefox < 143.0.3 - Buffer Overflow
Sep 30, 2025
CVSS 8.6
EPSS 0.00
CVE-2025-10859 MEDIUM
Firefox for iOS < 143.1 - Info Disclosure
Sep 30, 2025
CVSS 4.0
EPSS 0.00