mozilla
3,621 tracked vulnerabilities.
CVE-2024-11694
MEDIUM
Firefox < 133 & Thunderbird < 133 - XSS
Nov 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-11693
CRITICAL
Firefox < 133, Thunderbird < 128.5 - Info Disclosure
Nov 26, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-11692
MEDIUM
Firefox < 133 and ESR < 128.5 - Authentication Bypass by Spoofing via Select Dropdown Overlay
Nov 26, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-11691
HIGH
Apple GPU driver - Memory Corruption
Nov 26, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-11159
MEDIUM
Thunderbird < 128.4.3 - Cleartext Storage of Sensitive Information via OpenPGP Encrypted Messages
Nov 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-10941
MEDIUM
Firefox < 126.0 - Denial of Service via Malformed URI in Iframe
Nov 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-10474
MEDIUM
Firefox Focus < 132.0 - Improper Authentication via Deeplink Scheme Bypass
Oct 29, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-10468
MEDIUM
Firefox < 132.0 - Memory Corruption via IndexedDB Race Condition
Oct 29, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-10467
HIGH
Firefox < 132 and ESR < 128.4 - Memory Corruption via Out-of-bounds Read
Oct 29, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-10466
HIGH
Firefox < 132 and ESR < 128.4 - Denial of Service via Crafted Push Message
Oct 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-10465
MEDIUM
Firefox < 132 and ESR < 128.4 - Authentication Bypass by Spoofing via Persistent Clipboard Paste Button
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10464
MEDIUM
Firefox < 132 and ESR < 128.4 - Denial of Service via History Interface Attribute Writes
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10463
MEDIUM
Firefox < 132 and ESR < 128.4 - Cross-Origin Video Frame Leak
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10462
MEDIUM
Firefox < 132 and ESR < 128.4 - Origin Spoofing via Truncated URL in Permission Prompt
Oct 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10461
MEDIUM
Firefox < 132 and ESR < 128.4 - Cross-Site Scripting via Multipart/x-mixed-replace Response
Oct 29, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-10460
MEDIUM
Firefox < 132 and ESR < 128.4 - Origin Validation Error via Data URL in iframe
Oct 29, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-10459
HIGH
Firefox < 132 and ESR < 128.4/< 115.17 - Use-After-Free with Accessibility Enabled
Oct 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-10458
HIGH
Firefox < 132 & Thunderbird < 132 - SSRF
Oct 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-10004
CRITICAL
Firefox for iOS < 131.2 - Info Disclosure
Oct 15, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-9936
MEDIUM
Firefox < 131.0.3 - Memory Corruption
Oct 14, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-9680
CRITICAL
KEV
Firefox < 131.0.2 and ESR < 128.3.1 and ESR < 115.16.1 - Use-After-Free in Animation Timelines
Oct 09, 2024
CVSS 9.8
EPSS 0.33
CVE-2024-9403
HIGH
Firefox < 131 - Memory Corruption
Oct 01, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-9402
CRITICAL
Firefox < 131 and ESR < 128.3 - Memory Corruption
Oct 01, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-9401
CRITICAL
Firefox < 131 and ESR < 128.3 and ESR < 115.16 - Memory Corruption
Oct 01, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-9400
HIGH
Firefox < 131 and ESR < 128.3 - Memory Corruption during JIT Compilation
Oct 01, 2024
CVSS 8.8
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters