mozilla

3,565 tracked vulnerabilities.

CVE-2025-0240 MEDIUM
Firefox < 134 & Thunderbird < 134 - Use After Free
Jan 07, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-0239 MEDIUM
Firefox < 134 & Thunderbird < 128.6 - SSL Validation
Jan 07, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-0238 MEDIUM
Firefox < 115.19.0, 115.19-115.*, < 128.6, 128.6-128.*, >=134 - Use-After-Free
Jan 07, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-0237 MEDIUM
Firefox <134, Thunderbird <128.6 - Privilege Escalation
Jan 07, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-53976 MEDIUM
Firefox for iOS < 133 - Info Disclosure
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-53975 MEDIUM
Firefox for iOS < 133 - Info Disclosure
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-11708 MEDIUM
Firefox < 133 and Thunderbird < 133 - Data Race via PlaybackParams Structure
Nov 26, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-11706 MEDIUM
Firefox < 133 - Null Pointer Dereference in pk12util SEC_ASN1DecodeItem_Util
Nov 26, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-11705 CRITICAL
Thunderbird < 133.0 - Denial of Service via NULL Pointer Dereference in NSC_DeriveKey
Nov 26, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-11704 CRITICAL
Firefox < 133 and ESR < 128.7 - Use-After-Free in sec_pkcs7_decoder_start_decrypt
Nov 26, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-11703 MEDIUM
Firefox < 133.0 on Android - Insufficiently Protected Credentials
Nov 26, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-11702 HIGH
Firefox < 133 and Thunderbird < 133 - Unintended Sensitive Data Exposure via Android Clipboard
Nov 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-11701 MEDIUM
Firefox < 133 and Thunderbird < 133 - Authentication Bypass by Spoofing via Address Bar Display
Nov 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-11700 HIGH
Firefox < 133 and Thunderbird < 133 - Tapjacking via UI Layer Manipulation
Nov 26, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-11699 HIGH
Firefox < 133 and ESR < 128.5 - Remote Code Execution
Nov 26, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-11698 CRITICAL
Mozilla Firefox and Thunderbird - Fullscreen Mode Lock on macOS
Nov 26, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-11697 HIGH
Firefox < 133 and ESR < 128.5 - Unauthenticated Code Execution via Keypress Event Dialog Bypass
Nov 26, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-11696 MEDIUM
Mozilla Firefox and Thunderbird - Signature Validation Bypass via Exception Handling
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-11695 MEDIUM
Firefox < 133 & Thunderbird < 128.5 - Open Redirect
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-11694 MEDIUM
Firefox < 133 & Thunderbird < 133 - XSS
Nov 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-11693 CRITICAL
Firefox < 133, Thunderbird < 128.5 - Info Disclosure
Nov 26, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-11692 MEDIUM
Firefox < 133 and ESR < 128.5 - Authentication Bypass by Spoofing via Select Dropdown Overlay
Nov 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-11691 HIGH
Apple GPU driver - Memory Corruption
Nov 26, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-11159 MEDIUM
Thunderbird < 128.4.3 - Cleartext Storage of Sensitive Information via OpenPGP Encrypted Messages
Nov 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-10941 MEDIUM
Firefox < 126.0 - Denial of Service via Malformed URI in Iframe
Nov 06, 2024
CVSS 6.5
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV