mozilla

3,565 tracked vulnerabilities.

CVE-2024-1554 CRITICAL
Firefox < 123.0 - Cache Poisoning via Fetch API Header Mismatch
Feb 20, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-1553 HIGH
Firefox < 123 and Firefox ESR < 115.8 - Memory Corruption
Feb 20, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-1552 HIGH
Firefox < 123, Firefox ESR < 115.8, Thunderbird < 115.8 - Code Inje...
Feb 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-1551 MEDIUM
Firefox <123, Firefox ESR <115.8, Thunderbird <115.8 - XSS
Feb 20, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-1550 MEDIUM
Firefox < 123 and ESR < 115.8 - UI Spoofing via Fullscreen and Pointer Lock
Feb 20, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-1549 MEDIUM
Firefox < 123 and ESR < 115.8 - Permission Dialog Spoofing via Large Custom Cursor
Feb 20, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-1548 MEDIUM
Firefox <123, Firefox ESR <115.8, Thunderbird <115.8 - Info Disclosure
Feb 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-1547 MEDIUM
Firefox < 123 and ESR < 115.8 - Authentication Bypass by Spoofing via Alert Dialog
Feb 20, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-1546 HIGH
Firefox < 123 and ESR < 115.8 - Out-of-bounds Read in Networking Channel Buffer Handling
Feb 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-0953 MEDIUM
Firefox for iOS < 129 - Open Redirect
Feb 05, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-0755 HIGH
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Memory Corruption and Remote Code Execution
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0754 MEDIUM
Firefox < 122.0 - Denial of Service via WASM Source Files in DevTools
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0753 MEDIUM
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Auth Bypass
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0752 MEDIUM
Firefox < 122.0 - Use-After-Free during macOS Update on Busy System
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0751 HIGH
Firefox < 122 and Firefox ESR < 115.7 - Privilege Escalation via Malicious DevTools Extension
Jan 23, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-0750 HIGH
Firefox < 122.0, Firefox ESR < 115.7, Thunderbird < 115.7 - Permission Granting via Popup Delay Misrepresentation
Jan 23, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-0749 MEDIUM
Firefox < 122.0 and Firefox ESR < 115.7 - Origin Validation Error via about: Dialog
Jan 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0748 MEDIUM
Firefox < 122.0 - Address Bar Spoofing via Document URI Manipulation
Jan 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0747 MEDIUM
Firefox < 122 - Firefox ESR < 115.7 - Thunderbird < 115.7 - Info Di...
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0746 MEDIUM
Firefox < 122.0 and Firefox ESR < 115.7 - Use-After-Free via Print Preview Dialog
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0745 HIGH
Firefox < 122.0 - Stack-based Buffer Overflow in WebAudio OscillatorNode
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0744 HIGH
Firefox < 122.0 - Use-After-Free via JIT Compilation
Jan 23, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-0743 HIGH
Firefox < 122.0 - Denial of Service via TLS Handshake Return Value
Jan 23, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-0742 MEDIUM
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Unintended Dialog Activation via Incorrect Timestamp Handling
Jan 23, 2024
CVSS 4.3
EPSS 0.02
CVE-2024-0741 MEDIUM
Firefox < 122.0 and Firefox ESR < 115.7 - Out-of-bounds Write in ANGLE
Jan 23, 2024
CVSS 6.5
EPSS 0.47
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV