mozilla

3,621 tracked vulnerabilities.

CVE-2024-3856 HIGH
Firefox < 125.0 - Use-After-Free during WASM Array Creation
Apr 16, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-3855 MEDIUM
Firefox < 125.0 - Out-of-bounds Read via MSubstr JIT Optimization
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-3854 HIGH
Firefox < 125 and ESR < 115.10 - Out-of-bounds Read via JIT Switch Statement Optimization
Apr 16, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-3853 HIGH
Firefox < 125.0 - Use-After-Free during JavaScript Realm Initialization
Apr 16, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3852 HIGH
Firefox < 125 and ESR < 115.10 - Use-After-Free via JIT Optimization
Apr 16, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-3302 LOW
Firefox < 125, Firefox ESR < 115.10, Thunderbird < 115.10 - DoS
Apr 16, 2024
CVSS 3.7
EPSS 0.01
CVE-2024-31393 MEDIUM
Firefox for iOS < 124.0 - Security Bypass via JavaScript URL Drag to Address Bar
Apr 03, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-31392 HIGH
Firefox for iOS <124 - Info Disclosure
Apr 03, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-29944 HIGH
Firefox < 124.0.1 and ESR < 115.9.1 - Arbitrary JavaScript Execution via Privileged Object Event Handler Injection
Mar 22, 2024
CVSS 8.4
EPSS 0.05
CVE-2024-29943 CRITICAL
Firefox < 124.0.1 - Memory Corruption
Mar 22, 2024
CVSS 9.8
EPSS 0.23
CVE-2024-2616 LOW
Firefox ESR < 115.9 - Use After Free
Mar 19, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-2615 CRITICAL
Firefox < 124.0 - Out-of-bounds Write
Mar 19, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-2614 HIGH
Firefox < 124 and ESR < 115.9 - Out-of-bounds Write
Mar 19, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-2613 HIGH
Firefox < 124.0 - Denial of Service via QUIC ACK Frame Decoding
Mar 19, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-2612 HIGH
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - Code Execution
Mar 19, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-2611 MEDIUM
Firefox < 124 and ESR < 115.9 - Permission Grant Spoofing via Pointer Lock
Mar 19, 2024
CVSS 5.5
EPSS 0.01
CVE-2024-2610 MEDIUM
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - Info Disclosure
Mar 19, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-2609 MEDIUM
Firefox <124, Firefox ESR <115.10, Thunderbird <115.10 - CSRF
Mar 19, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-2608 HIGH
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - Buffer Overflow
Mar 19, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-2607 HIGH
Firefox < 124 and ESR < 115.9 - Remote Code Execution via Return Register Overwrite
Mar 19, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-2606 LOW
Firefox < 124.0 - Incorrect Type Conversion in WebAssembly
Mar 19, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-2605 MEDIUM
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - RCE
Mar 19, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-1936 HIGH
Thunderbird < 115.8.1 - Insecure Storage of Sensitive Information via Email Subject Cache Contamination
Mar 04, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-26284 MEDIUM
Firefox Focus < 123.0 - Universal Cross-Site Scripting via 302 Redirect
Feb 22, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-26283 HIGH
Firefox for iOS < 123.0 - Cross-Site Scripting via JavaScript URI in Custom Scheme
Feb 22, 2024
CVSS 7.8
EPSS 0.00