mozilla

3,619 tracked vulnerabilities.

CVE-2025-55032 MEDIUM
Mozilla Focus for iOS < 142 - Cross-Site Scripting via Content-Disposition Header Mishandling
Aug 19, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-55031 CRITICAL
Firefox for iOS < 142 - Open Redirect via FIDO Passkey Transport
Aug 19, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-55030 MEDIUM
Firefox for iOS < 142 - Cross-Site Scripting via Content-Disposition Header Bypass
Aug 19, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-55029 HIGH
Firefox < 142.0 - Denial of Service via Popup Blocker Bypass
Aug 19, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-55028 MEDIUM
Firefox < 142.0 - Denial of Service via Repetitive JavaScript Alerts
Aug 19, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-54145 CRITICAL
Firefox for iOS >=141 - URL Redirection to Untrusted Site via QR Scanner
Aug 19, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-54144 MEDIUM
Firefox < 141.0 - URL Redirection to Untrusted Site via Search Query Scheme
Aug 19, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-54143 CRITICAL
Firefox for iOS < 141 - Info Disclosure
Aug 19, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8044 CRITICAL
Firefox < 141.0 and Thunderbird < 141.0 - Memory Corruption
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8043 CRITICAL
Firefox < 141.0 - URL Truncation Misrepresentation
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8040 HIGH
Firefox and Thunderbird < 140.1 - Memory Corruption
Jul 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-8039 HIGH
Firefox < 141.0 and Thunderbird < 141.0 - Exposure of Sensitive Information via URL Bar Search Term Persistence
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8038 CRITICAL
Firefox < 141.0 and Thunderbird < 141.0 - Insufficient Verification of Data Authenticity
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8037 CRITICAL
Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird ...
Jul 22, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-8036 HIGH
Firefox and Thunderbird - DNS Rebinding CORS Bypass
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8035 HIGH
Firefox and Thunderbird < 141.0 - Memory Corruption
Jul 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-8034 HIGH
Mozilla Firefox < 115.26.0 - Memory Corruption
Jul 22, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-8033 MEDIUM
Firefox/Thunderbird JavaScript Engine Null Pointer Dereference
Jul 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-8032 HIGH
Firefox <141, Firefox ESR <128.13, Firefox ESR <140.1, Thunderbird ...
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8031 CRITICAL
Firefox and Thunderbird - HTTP Basic Authentication Credential Leak via CSP Report URL Handling
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8030 HIGH
Firefox and Thunderbird < 141.0 - Remote Code Execution via Copy as cURL Feature
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8029 HIGH
Firefox and Thunderbird < 128.13.0 and < 141.0 - Cross-Site Scripting via JavaScript URLs in Object and Embed Tags
Jul 22, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-8028 CRITICAL
Firefox < 115.26.0, 115.26-115.*, 128.13-128.*, >=140.1 <140.*, >=141 - Memory Corruption via WASM br_table Instruction
Jul 22, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-8027 MEDIUM
Firefox < 115.26.0, 115.26-115.*, < 128.13.0, 128.13-128.*, < 140.1, >=141 - Uninitialized Variable Use in IonMonkey-JIT
Jul 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-6703 MEDIUM
Mozilla neqo 0.4.24-0.13.2 - Denial of Service via Improper Input Validation
Jun 26, 2025
CVSS 6.5
EPSS 0.00