mozilla

3,565 tracked vulnerabilities.

CVE-2024-10474 MEDIUM
Firefox Focus < 132.0 - Improper Authentication via Deeplink Scheme Bypass
Oct 29, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-10468 MEDIUM
Firefox < 132.0 - Memory Corruption via IndexedDB Race Condition
Oct 29, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-10467 HIGH
Firefox < 132 and ESR < 128.4 - Memory Corruption via Out-of-bounds Read
Oct 29, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-10466 HIGH
Firefox < 132 and ESR < 128.4 - Denial of Service via Crafted Push Message
Oct 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-10465 MEDIUM
Firefox < 132 and ESR < 128.4 - Authentication Bypass by Spoofing via Persistent Clipboard Paste Button
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10464 MEDIUM
Firefox < 132 and ESR < 128.4 - Denial of Service via History Interface Attribute Writes
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10463 MEDIUM
Firefox < 132 and ESR < 128.4 - Cross-Origin Video Frame Leak
Oct 29, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-10462 MEDIUM
Firefox < 132 and ESR < 128.4 - Origin Spoofing via Truncated URL in Permission Prompt
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10461 MEDIUM
Firefox < 132 and ESR < 128.4 - Cross-Site Scripting via Multipart/x-mixed-replace Response
Oct 29, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-10460 MEDIUM
Firefox < 132 and ESR < 128.4 - Origin Validation Error via Data URL in iframe
Oct 29, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-10459 HIGH
Firefox < 132 and ESR < 128.4/< 115.17 - Use-After-Free with Accessibility Enabled
Oct 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-10458 HIGH
Firefox < 132 & Thunderbird < 132 - SSRF
Oct 29, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-10004 CRITICAL
Firefox for iOS < 131.2 - Info Disclosure
Oct 15, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-9936 MEDIUM
Firefox < 131.0.3 - Memory Corruption
Oct 14, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9680 CRITICAL KEV
Firefox < 131.0.2 and ESR < 128.3.1 and ESR < 115.16.1 - Use-After-Free in Animation Timelines
Oct 09, 2024
CVSS 9.8
EPSS 0.31
CVE-2024-9403 HIGH
Firefox < 131 - Memory Corruption
Oct 01, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-9402 CRITICAL
Firefox < 131 and ESR < 128.3 - Memory Corruption
Oct 01, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-9401 CRITICAL
Firefox < 131 and ESR < 128.3 and ESR < 115.16 - Memory Corruption
Oct 01, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-9400 HIGH
Firefox < 131 and ESR < 128.3 - Memory Corruption during JIT Compilation
Oct 01, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-9399 HIGH
Firefox < 131 and ESR < 128.3 - Denial of Service via WebTransport Session
Oct 01, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-9398 MEDIUM
Firefox < 131 and Firefox ESR < 128.3 - Information Disclosure via Protocol Handler Detection
Oct 01, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-9397 MEDIUM
Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3 - CSRF
Oct 01, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-9396 HIGH
Firefox < 131 and ESR < 128.3 - Memory Corruption via Structured Clone
Oct 01, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-9395 MEDIUM
Firefox < 131.0 for Android - Filename Extension Spoofing via Large Number of Spaces
Oct 01, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-9394 HIGH
Firefox < 131 and ESR < 115.16.0 - Cross-Site Scripting via Multipart Response
Oct 01, 2024
CVSS 7.5
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV