mozilla
3,621 tracked vulnerabilities.
CVE-2024-6605
HIGH
Firefox <128 - Privilege Escalation
Jul 09, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-6604
HIGH
Firefox < 128 and ESR < 115.13 - Memory Corruption
Jul 09, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-6603
HIGH
Firefox < 128 and ESR < 115.13 - Use-After-Free via Out-of-Memory Allocation Failure
Jul 09, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-6602
CRITICAL
Firefox < 128 and ESR < 115.13 - Memory Corruption via Allocator-Deallocator Mismatch
Jul 09, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-6601
MEDIUM
Firefox < 128 and Thunderbird < 128 - Race Condition Leading to Cross-Origin Permission Escalation
Jul 09, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-6600
MEDIUM
Firefox < 128 and ESR < 115.13 - Out-of-Bounds Access via Large GLSL Shader Allocation
Jul 09, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-38313
MEDIUM
Firefox for iOS < 127 - Info Disclosure
Jun 13, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-38312
MEDIUM
Firefox for iOS < 127 - Info Disclosure
Jun 13, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-5702
HIGH
Firefox < 125 and ESR < 115.12 - Use-After-Free in Networking Stack
Jun 11, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-5701
CRITICAL
Firefox < 127.0 - Out-of-bounds Write
Jun 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5700
HIGH
Firefox < 127 and ESR < 115.12 - Memory Corruption
Jun 11, 2024
CVSS 7.0
EPSS 0.00
CVE-2024-5699
CRITICAL
Firefox < 127.0 - Cookie Prefix Bypass via Case Sensitivity Mismatch
Jun 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5698
MEDIUM
Firefox < 127 - User Interface Misrepresentation via Fullscreen Data-List Overlay
Jun 11, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-5697
MEDIUM
Firefox < 127 - Screenshot Detection via Built-in Screenshot Functionality
Jun 11, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-5696
HIGH
Firefox < 127 and ESR < 115.12 - Out-of-bounds Write via Input Tag Text Manipulation
Jun 11, 2024
CVSS 8.6
EPSS 0.01
CVE-2024-5695
CRITICAL
Firefox < 127.0 - Out-of-bounds Write via Probabilistic Heap Checker
Jun 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-5694
HIGH
Firefox < 127.0 - Use-After-Free in JavaScript Engine
Jun 11, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-5693
MEDIUM
Firefox < 127 and ESR < 115.12 - Same-Origin Policy Bypass via Offscreen Canvas
Jun 11, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-5692
MEDIUM
Firefox < 127 and ESR < 115.12 - Unauthenticated File Extension Spoofing via Invalid Character in Save As Dialog
Jun 11, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-5691
MEDIUM
Firefox < 127, Firefox ESR < 115.12, Thunderbird < 115.12 - CSRF
Jun 11, 2024
CVSS 4.7
EPSS 0.01
CVE-2024-5690
MEDIUM
Firefox < 127.0 and ESR < 115.12 - Information Disclosure via External Protocol Handler Timing
Jun 11, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-5689
MEDIUM
Firefox < 127.0 - Phishing via Screenshot Overlay Spoofing
Jun 11, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-5688
HIGH
Firefox < 127 and ESR < 115.12 - Use-After-Free during Object Transplant
Jun 11, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-5687
MEDIUM
Firefox for Android - Info Disclosure
Jun 11, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-5022
MEDIUM
Focus for iOS < 126 - Open Redirect
May 17, 2024
CVSS 4.4
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters