mozilla

3,621 tracked vulnerabilities.

CVE-2024-43111 MEDIUM
Firefox for iOS < 129 - Cross-Site Scripting via Download Link Long Press
Aug 06, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-7531 MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - Information Exposure via QUIC Header Protection
Aug 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-7530 HIGH
Firefox < 129.0 - Use-After-Free via Garbage Collection Interaction
Aug 06, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-7529 MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - UI Misrepresentation via Date Picker Overlay
Aug 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-7528 HIGH
Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1 - Use-After-Free in IndexedDB
Aug 06, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-7527 HIGH
Firefox < 129 and Firefox ESR < 115.14 - Use-After-Free
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7526 MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - Information Disclosure via Uninitialized Memory Read
Aug 06, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-7525 HIGH
Firefox < 129 and ESR < 115.14 - Improper Access Control via StreamFilter
Aug 06, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-7524 MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - Cross-Site Scripting via DOM Clobbering Bypass
Aug 06, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-7523 HIGH
Firefox < 129 (Android) - UI Spoofing via Select Option Overlay
Aug 06, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-7522 HIGH
Firefox < 129 and Firefox ESR < 115.14 - Out-of-bounds Read in Editor Attribute Handling
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7521 HIGH
Firefox < 129 and Firefox ESR < 115.14 - Use-After-Free via WebAssembly Exception Handling
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7520 HIGH
Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1 - Remote Code Execution via WebAssembly Type Confusion
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7519 CRITICAL
Firefox < 129 and Firefox ESR < 115.14 - Out-of-bounds Write in Graphics Shared Memory
Aug 06, 2024
CVSS 9.6
EPSS 0.01
CVE-2024-7518 MEDIUM
Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1 - UI Spoofing via Fullscreen Notification Obscuring
Aug 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-6615 HIGH
Firefox < 128.0 - Out-of-bounds Write
Jul 09, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6614 MEDIUM
Firefox < 128 - Denial of Service via WASM Frame Iterator Loop
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-6613 MEDIUM
Firefox and Thunderbird < 128 - Information Disclosure via WASM Frame Iterator
Jul 09, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-6612 MEDIUM
Firefox < 128 and Thunderbird < 128 - DNS Prefetch Information Leak via CSP Violation Console Links
Jul 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-6611 CRITICAL
Firefox < 128 and Thunderbird < 128 - Sensitive Cookie Exposure via SameSite Attribute Bypass
Jul 09, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-6610 MEDIUM
Firefox and Thunderbird < 128.0 - UI Misrepresentation via Form Validation Popup Escape Key Capture
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-6609 HIGH
Firefox < 128 and Thunderbird < 128 - Use-After-Free in Elliptic Curve Key Handling
Jul 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6608 MEDIUM
Firefox < 128 - Cursor Position Manipulation via Pointer Lock in Iframe
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-6607 HIGH
Firefox < 128 and Thunderbird < 128 - Use-After-Free via Pointer Lock and Custom Validity Overlay
Jul 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6606 HIGH
Firefox < 128 and Thunderbird < 128 - Out-of-bounds Read in Clipboard Array Access
Jul 09, 2024
CVSS 8.2
EPSS 0.00