Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / mozilla

mozilla

3,564 tracked vulnerabilities.

CVE-2025-4918 CRITICAL

Mozilla Firefox < 115.23.1 - Out-of-Bounds Write

CVE-2025-3932 MEDIUM

Thunderbird < 128.10.1, < 138.0.1 - XSS

CVE-2025-3909 HIGH

Thunderbird <128.10.1, 128.10.1-128.*, >=138.0.1 - JavaScript Execution via X-Mozilla-External-Attachment-URL

CVE-2025-3875 HIGH

Thunderbird < 128.10.0, 128.10.1-128.*, >=138.0.1 - Sender Spoofing via Invalid From Header Parsing

CVE-2025-3859 MEDIUM

Mozilla Firefox Focus < 138.0 - User Interface Misrepresentation via URL Eliding

CVE-2025-4093 HIGH

Firefox ESR 128.9 and Thunderbird 128.9 - Memory Corruption

CVE-2025-4092 MEDIUM

Firefox < 138.0 and Thunderbird < 138.0 - Memory Corruption

CVE-2025-4091 HIGH

Firefox < 138.0 and < 128.10 - Memory Corruption

CVE-2025-4090 MEDIUM

Firefox and Thunderbird < 138.0 - Sensitive Information Exposure via Logcat

CVE-2025-4089 MEDIUM

Firefox < 138.0 - Command Injection via Copy as cURL Feature

CVE-2025-4088 MEDIUM

Firefox and Thunderbird < 138.0 - Cross-Site Request Forgery via Storage Access API Redirect

CVE-2025-4087 MEDIUM

Firefox < 138.0 and < 128.10 - Out-of-bounds Read in XPath Parser

CVE-2025-4086 MEDIUM

Thunderbird for Android - Info Disclosure

CVE-2025-4085 HIGH

Firefox < 138.0 and Thunderbird < 138.0 - Privilege Escalation via UITour Actor

CVE-2025-4084 MEDIUM

Firefox <128.10 - Local Code Execution

CVE-2025-4083 CRITICAL

Thunderbird <138 - Sandbox Escape

CVE-2025-4082 MEDIUM

Firefox <115.23, 115.23-115.*, <138.0, >=138; Thunderbird <128.10.0, 128.10-128.*, >=138 - Out-of-bounds Read via WebGL

CVE-2025-2817 HIGH

Firefox <115.23.0, 115.23-115.*, <128.10.0, 128.10-128.*, >=138 Privilege Escalation via Update Mechanism

CVE-2025-3523 MEDIUM

Thunderbird < 137.0.2-< 128.9.2 - Info Disclosure

CVE-2025-3522 MEDIUM

Thunderbird < 128.9.2 and 128.9.2-137.0.1 - URL Redirection via X-Mozilla-External-Attachment-URL

CVE-2025-2830 MEDIUM

Thunderbird < 128.9.2 and 128.9.2-137.0.2 - Path Traversal and Information Disclosure via Malformed Attachment Filename

CVE-2025-3608 MEDIUM

Firefox < 137.0.2 - Memory Corruption via Race Condition in nsHttpTransaction

CVE-2025-3035 MEDIUM

Firefox < 137.0 - Unauthorized Document Title Exposure via AI Chatbot

CVE-2025-3034 HIGH

Firefox < 137.0 and Thunderbird < 137.0 - Out-of-bounds Write

CVE-2025-3033 HIGH

Firefox < 137.0 - Arbitrary File Upload via Malicious .url Shortcut

Previous Page 15 of 143 Next

Products

firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 18 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy