mozilla
3,621 tracked vulnerabilities.
CVE-2025-0246
MEDIUM
Firefox < 134.0 - Address Bar Spoofing via Invalid Protocol Scheme
Jan 07, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-0245
LOW
Firefox < 134.0 - Authentication Bypass in Focus Mode
Jan 07, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-0244
MEDIUM
Firefox < 134.0 - Address Bar Spoofing via Invalid Protocol Scheme Redirect
Jan 07, 2025
CVSS 5.3
EPSS 0.07
CVE-2025-0243
MEDIUM
Firefox <134 - Firefox ESR <128.6 - Memory Corruption
Jan 07, 2025
CVSS 5.1
EPSS 0.00
CVE-2025-0242
MEDIUM
Firefox <115.19.0, 115.19-115.*, <128.6.0, 128.6-128.*, >=134 & Thunderbird <128.6.0, 128.6-128.*, >=134 OOB Write
Jan 07, 2025
CVSS 6.5
EPSS 0.13
CVE-2025-0241
HIGH
Firefox < 134.0 and 128.6-128.* - Use-After-Free via Text Segmentation
Jan 07, 2025
CVSS 7.7
EPSS 0.01
CVE-2025-0240
MEDIUM
Firefox < 134 & Thunderbird < 134 - Use After Free
Jan 07, 2025
CVSS 4.0
EPSS 0.01
CVE-2025-0239
MEDIUM
Firefox < 134 & Thunderbird < 128.6 - SSL Validation
Jan 07, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-0238
MEDIUM
Firefox < 115.19.0, 115.19-115.*, < 128.6, 128.6-128.*, >=134 - Use-After-Free
Jan 07, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-0237
MEDIUM
Firefox <134, Thunderbird <128.6 - Privilege Escalation
Jan 07, 2025
CVSS 5.4
EPSS 0.01
CVE-2024-53976
MEDIUM
Firefox for iOS < 133 - Info Disclosure
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-53975
MEDIUM
Firefox for iOS < 133 - Info Disclosure
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-11708
MEDIUM
Firefox < 133 and Thunderbird < 133 - Data Race via PlaybackParams Structure
Nov 26, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-11706
MEDIUM
Firefox < 133 - Null Pointer Dereference in pk12util SEC_ASN1DecodeItem_Util
Nov 26, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-11705
CRITICAL
Thunderbird < 133.0 - Denial of Service via NULL Pointer Dereference in NSC_DeriveKey
Nov 26, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-11704
CRITICAL
Firefox < 133 and ESR < 128.7 - Use-After-Free in sec_pkcs7_decoder_start_decrypt
Nov 26, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-11703
MEDIUM
Firefox < 133.0 on Android - Insufficiently Protected Credentials
Nov 26, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-11702
HIGH
Firefox < 133 and Thunderbird < 133 - Unintended Sensitive Data Exposure via Android Clipboard
Nov 26, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-11701
MEDIUM
Firefox < 133 and Thunderbird < 133 - Authentication Bypass by Spoofing via Address Bar Display
Nov 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-11700
HIGH
Firefox < 133 and Thunderbird < 133 - Tapjacking via UI Layer Manipulation
Nov 26, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-11699
HIGH
Firefox < 133 and ESR < 128.5 - Remote Code Execution
Nov 26, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-11698
CRITICAL
Mozilla Firefox and Thunderbird - Fullscreen Mode Lock on macOS
Nov 26, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-11697
HIGH
Firefox < 133 and ESR < 128.5 - Unauthenticated Code Execution via Keypress Event Dialog Bypass
Nov 26, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-11696
MEDIUM
Mozilla Firefox and Thunderbird - Signature Validation Bypass via Exception Handling
Nov 26, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-11695
MEDIUM
Firefox < 133 & Thunderbird < 128.5 - Open Redirect
Nov 26, 2024
CVSS 5.4
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters