mozilla

3,564 tracked vulnerabilities.

CVE-2025-54145 CRITICAL
Firefox for iOS >=141 - URL Redirection to Untrusted Site via QR Scanner
Aug 19, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-54144 MEDIUM
Firefox < 141.0 - URL Redirection to Untrusted Site via Search Query Scheme
Aug 19, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-54143 CRITICAL
Firefox for iOS < 141 - Info Disclosure
Aug 19, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8044 CRITICAL
Firefox < 141.0 and Thunderbird < 141.0 - Memory Corruption
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8043 CRITICAL
Firefox < 141.0 - URL Truncation Misrepresentation
Jul 22, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-8040 HIGH
Firefox and Thunderbird < 140.1 - Memory Corruption
Jul 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-8039 HIGH
Firefox < 141.0 and Thunderbird < 141.0 - Exposure of Sensitive Information via URL Bar Search Term Persistence
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8038 CRITICAL
Firefox < 141.0 and Thunderbird < 141.0 - Insufficient Verification of Data Authenticity
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8037 CRITICAL
Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird ...
Jul 22, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-8036 HIGH
Firefox and Thunderbird - DNS Rebinding CORS Bypass
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8035 HIGH
Firefox and Thunderbird < 141.0 - Memory Corruption
Jul 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-8034 HIGH
Mozilla Firefox < 115.26.0 - Memory Corruption
Jul 22, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-8033 MEDIUM
Firefox/Thunderbird JavaScript Engine Null Pointer Dereference
Jul 22, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-8032 HIGH
Firefox <141, Firefox ESR <128.13, Firefox ESR <140.1, Thunderbird ...
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8031 CRITICAL
Firefox and Thunderbird - HTTP Basic Authentication Credential Leak via CSP Report URL Handling
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8030 HIGH
Firefox and Thunderbird < 141.0 - Remote Code Execution via Copy as cURL Feature
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8029 HIGH
Firefox and Thunderbird < 128.13.0 and < 141.0 - Cross-Site Scripting via JavaScript URLs in Object and Embed Tags
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8028 CRITICAL
Firefox < 115.26.0, 115.26-115.*, 128.13-128.*, >=140.1 <140.*, >=141 - Memory Corruption via WASM br_table Instruction
Jul 22, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-8027 MEDIUM
Firefox < 115.26.0, 115.26-115.*, < 128.13.0, 128.13-128.*, < 140.1, >=141 - Uninitialized Variable Use in IonMonkey-JIT
Jul 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-6703 MEDIUM
Mozilla neqo 0.4.24-0.13.2 - Denial of Service via Improper Input Validation
Jun 26, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-6436 HIGH
Firefox < 140.0 and Thunderbird < 140.0 - Memory Corruption
Jun 24, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-6435 HIGH
Firefox/Thunderbird <140.0 - Dangerous File Upload via Devtools Network Tab
Jun 24, 2025
CVSS 8.1
EPSS 0.01
CVE-2025-6434 MEDIUM
Firefox < 140.0 - Clickjacking via HTTPS-Only Exception Page
Jun 24, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-6433 CRITICAL
Firefox < 140.0 - Improper Certificate Validation via WebAuthn Challenge
Jun 24, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-6432 HIGH
Firefox < 140.0 - DNS Proxy Bypass via Invalid Domain or Unresponsive SOCKS Proxy
Jun 24, 2025
CVSS 8.6
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 18 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV