mozilla

3,621 tracked vulnerabilities.

CVE-2024-6605 HIGH
Firefox <128 - Privilege Escalation
Jul 09, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6604 HIGH
Firefox < 128 and ESR < 115.13 - Memory Corruption
Jul 09, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-6603 HIGH
Firefox < 128 and ESR < 115.13 - Use-After-Free via Out-of-Memory Allocation Failure
Jul 09, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-6602 CRITICAL
Firefox < 128 and ESR < 115.13 - Memory Corruption via Allocator-Deallocator Mismatch
Jul 09, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-6601 MEDIUM
Firefox < 128 and Thunderbird < 128 - Race Condition Leading to Cross-Origin Permission Escalation
Jul 09, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-6600 MEDIUM
Firefox < 128 and ESR < 115.13 - Out-of-Bounds Access via Large GLSL Shader Allocation
Jul 09, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-38313 MEDIUM
Firefox for iOS < 127 - Info Disclosure
Jun 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-38312 MEDIUM
Firefox for iOS < 127 - Info Disclosure
Jun 13, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5702 HIGH
Firefox < 125 and ESR < 115.12 - Use-After-Free in Networking Stack
Jun 11, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-5701 CRITICAL
Firefox < 127.0 - Out-of-bounds Write
Jun 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5700 HIGH
Firefox < 127 and ESR < 115.12 - Memory Corruption
Jun 11, 2024
CVSS 7.0
EPSS 0.00
CVE-2024-5699 CRITICAL
Firefox < 127.0 - Cookie Prefix Bypass via Case Sensitivity Mismatch
Jun 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5698 MEDIUM
Firefox < 127 - User Interface Misrepresentation via Fullscreen Data-List Overlay
Jun 11, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-5697 MEDIUM
Firefox < 127 - Screenshot Detection via Built-in Screenshot Functionality
Jun 11, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-5696 HIGH
Firefox < 127 and ESR < 115.12 - Out-of-bounds Write via Input Tag Text Manipulation
Jun 11, 2024
CVSS 8.6
EPSS 0.01
CVE-2024-5695 CRITICAL
Firefox < 127.0 - Out-of-bounds Write via Probabilistic Heap Checker
Jun 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5694 HIGH
Firefox < 127.0 - Use-After-Free in JavaScript Engine
Jun 11, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-5693 MEDIUM
Firefox < 127 and ESR < 115.12 - Same-Origin Policy Bypass via Offscreen Canvas
Jun 11, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-5692 MEDIUM
Firefox < 127 and ESR < 115.12 - Unauthenticated File Extension Spoofing via Invalid Character in Save As Dialog
Jun 11, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-5691 MEDIUM
Firefox < 127, Firefox ESR < 115.12, Thunderbird < 115.12 - CSRF
Jun 11, 2024
CVSS 4.7
EPSS 0.01
CVE-2024-5690 MEDIUM
Firefox < 127.0 and ESR < 115.12 - Information Disclosure via External Protocol Handler Timing
Jun 11, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-5689 MEDIUM
Firefox < 127.0 - Phishing via Screenshot Overlay Spoofing
Jun 11, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-5688 HIGH
Firefox < 127 and ESR < 115.12 - Use-After-Free during Object Transplant
Jun 11, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-5687 MEDIUM
Firefox for Android - Info Disclosure
Jun 11, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-5022 MEDIUM
Focus for iOS < 126 - Open Redirect
May 17, 2024
CVSS 4.4
EPSS 0.00