mozilla
3,621 tracked vulnerabilities.
CVE-2024-4778
CRITICAL
Firefox < 126.0 - Memory Corruption and Potential Remote Code Execution
May 14, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-4777
HIGH
Firefox < 126 and Firefox ESR < 115.11 - Use-After-Free
May 14, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-4776
HIGH
Firefox < 126.0 - Full-Screen Mode Window Disabling via File Dialog
May 14, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-4775
MEDIUM
Firefox < 126.0 - Memory Corruption via WASM Profiler Iterator
May 14, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-4774
MEDIUM
Firefox < 126.0 - Use-After-Free via ShmemCharMapHashEntry Move Semantics Bypass
May 14, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-4773
HIGH
Firefox < 126.0 - URL Spoofing via Network Error Page Load
May 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-4772
MEDIUM
Firefox < 126.0 - Predictable HTTP Digest Authentication Nonce via Weak PRNG
May 14, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-4771
HIGH
Firefox < 126.0 - Use-After-Free via Failed Memory Allocation
May 14, 2024
CVSS 8.6
EPSS 0.01
CVE-2024-4770
HIGH
Firefox < 126 and ESR < 115.11 - Use-After-Free in PDF Page Save
May 14, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-4769
MEDIUM
Firefox <126, Firefox ESR <115.11, Thunderbird <115.11 - Info Discl...
May 14, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-4768
MEDIUM
Firefox <126, Firefox ESR <115.11, Thunderbird <115.11 - Privilege ...
May 14, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-4767
MEDIUM
Firefox <126, Firefox ESR <115.11, Thunderbird <115.11 - Info Discl...
May 14, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4766
MEDIUM
Firefox for Android < 126.0 - Fullscreen Notification Spoofing
May 14, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-4765
HIGH
Firefox < 126.0 for Android - Arbitrary Code Execution via Manifest Hash Collision
May 14, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-4764
CRITICAL
Firefox < 126.0 - Use-After-Free in WebRTC Audio Input Handling
May 14, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-4367
HIGH
Firefox < 126 and ESR < 115.11 - Arbitrary JavaScript Execution in PDF.js via Missing Type Check
May 14, 2024
CVSS 8.8
EPSS 0.73
CVE-2024-3865
HIGH
Firefox < 125.0 - Memory Corruption
Apr 16, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-3864
HIGH
Firefox < 125 and ESR < 115.10 - Memory Corruption
Apr 16, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-3863
CRITICAL
Firefox < 125 and ESR < 115.10 - Unrestricted Download of Dangerous File Type
Apr 16, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-3862
MEDIUM
Firefox < 125.0 - Use of Uninitialized Memory in MarkStack Assignment Operator
Apr 16, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-3861
MEDIUM
Firefox < 125 and ESR < 115.10 - Use-After-Free via AlignedBuffer Self-Assignment
Apr 16, 2024
CVSS 4.0
EPSS 0.00
CVE-2024-3860
MEDIUM
Firefox < 125.0 - Use-After-Free via Empty Shape List
Apr 16, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-3859
MEDIUM
Firefox < 125 and ESR < 115.10 - Integer Overflow via OpenType Font Parsing
Apr 16, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-3858
HIGH
Firefox < 125.0 - Denial of Service via JavaScript Object Mutation
Apr 16, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-3857
HIGH
Firefox < 125 and ESR < 115.10 - Use-After-Free in JIT Argument Handling
Apr 16, 2024
CVSS 7.8
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters