mozilla
3,621 tracked vulnerabilities.
CVE-2024-43111
MEDIUM
Firefox for iOS < 129 - Cross-Site Scripting via Download Link Long Press
Aug 06, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-7531
MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - Information Exposure via QUIC Header Protection
Aug 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-7530
HIGH
Firefox < 129.0 - Use-After-Free via Garbage Collection Interaction
Aug 06, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-7529
MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - UI Misrepresentation via Date Picker Overlay
Aug 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-7528
HIGH
Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1 - Use-After-Free in IndexedDB
Aug 06, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-7527
HIGH
Firefox < 129 and Firefox ESR < 115.14 - Use-After-Free
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7526
MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - Information Disclosure via Uninitialized Memory Read
Aug 06, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-7525
HIGH
Firefox < 129 and ESR < 115.14 - Improper Access Control via StreamFilter
Aug 06, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-7524
MEDIUM
Firefox < 129 and Firefox ESR < 115.14 - Cross-Site Scripting via DOM Clobbering Bypass
Aug 06, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-7523
HIGH
Firefox < 129 (Android) - UI Spoofing via Select Option Overlay
Aug 06, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-7522
HIGH
Firefox < 129 and Firefox ESR < 115.14 - Out-of-bounds Read in Editor Attribute Handling
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7521
HIGH
Firefox < 129 and Firefox ESR < 115.14 - Use-After-Free via WebAssembly Exception Handling
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7520
HIGH
Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1 - Remote Code Execution via WebAssembly Type Confusion
Aug 06, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-7519
CRITICAL
Firefox < 129 and Firefox ESR < 115.14 - Out-of-bounds Write in Graphics Shared Memory
Aug 06, 2024
CVSS 9.6
EPSS 0.01
CVE-2024-7518
MEDIUM
Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1 - UI Spoofing via Fullscreen Notification Obscuring
Aug 06, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-6615
HIGH
Firefox < 128.0 - Out-of-bounds Write
Jul 09, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6614
MEDIUM
Firefox < 128 - Denial of Service via WASM Frame Iterator Loop
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-6613
MEDIUM
Firefox and Thunderbird < 128 - Information Disclosure via WASM Frame Iterator
Jul 09, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-6612
MEDIUM
Firefox < 128 and Thunderbird < 128 - DNS Prefetch Information Leak via CSP Violation Console Links
Jul 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-6611
CRITICAL
Firefox < 128 and Thunderbird < 128 - Sensitive Cookie Exposure via SameSite Attribute Bypass
Jul 09, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-6610
MEDIUM
Firefox and Thunderbird < 128.0 - UI Misrepresentation via Form Validation Popup Escape Key Capture
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-6609
HIGH
Firefox < 128 and Thunderbird < 128 - Use-After-Free in Elliptic Curve Key Handling
Jul 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6608
MEDIUM
Firefox < 128 - Cursor Position Manipulation via Pointer Lock in Iframe
Jul 09, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-6607
HIGH
Firefox < 128 and Thunderbird < 128 - Use-After-Free via Pointer Lock and Custom Validity Overlay
Jul 09, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-6606
HIGH
Firefox < 128 and Thunderbird < 128 - Out-of-bounds Read in Clipboard Array Access
Jul 09, 2024
CVSS 8.2
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters