mozilla
3,565 tracked vulnerabilities.
CVE-2024-0606
MEDIUM
Firefox Focus < 122.0 - Cross-Site Scripting via window.open()
Jan 22, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-0605
HIGH
Firefox Focus < 122.0 - Unauthenticated Race Condition via javascript: URI setTimeout
Jan 22, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-2142
MEDIUM
Nunjucks < 3.2.4 - Cross-Site Scripting via Autoescape Bypass
Nov 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2023-1521
HIGH
sccache < 0.4.0 - LD_PRELOAD Local Privilege Escalation
Nov 26, 2024
CVSS 7.8
EPSS 0.00
CVE-2023-0163
HIGH
Mozilla Convict - Prototype Pollution
Nov 26, 2024
CVSS 8.4
EPSS 0.00
CVE-2023-5388
MEDIUM
Firefox < 124 and ESR < 115.9 - Timing Side-Channel Attack via RSA Decryption
Mar 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2023-6873
HIGH
Firefox < 121.0 - Out-of-bounds Write
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6872
MEDIUM
Firefox < 121.0 - Unprotected User Data Exposure via GNOME Tab Title Logging
Dec 19, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-6871
MEDIUM
Firefox < 121.0 - Protocol Handler Warning Bypass
Dec 19, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-6870
MEDIUM
Firefox < 121.0 - Fullscreen Notification Spoofing via Toast Notification
Dec 19, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-6869
MEDIUM
Firefox < 121.0 - Untrusted Content Display via Dialog Element Manipulation
Dec 19, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-6868
MEDIUM
Firefox < 121.0 - Unauthorized Push Message Delivery via Missing VAPID Validation
Dec 19, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-6867
MEDIUM
Firefox < 121.0 and Firefox ESR < 115.6 - Clickjacking via Permission Prompt Timing
Dec 19, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-6866
HIGH
Firefox < 121.0 - Denial of Service via TypedArray Exception Handling
Dec 19, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-6865
MEDIUM
Firefox ESR < 115.6 - Info Disclosure
Dec 19, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-6864
HIGH
Firefox < 121.0 and Firefox ESR < 115.6 - Out-of-bounds Write
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6863
HIGH
Firefox ESR < 115.6, Thunderbird < 115.6, Firefox < 121 - Memory Co...
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6862
HIGH
Firefox ESR < 115.6 and Thunderbird < 115.6 - Use-After-Free in nsDNSService::Init
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6861
HIGH
Firefox < 121.0, Firefox ESR < 115.6, Thunderbird < 115.6 - Out-of-bounds Write in nsWindow::PickerOpen
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6860
MEDIUM
Firefox ESR < 115.6 & Firefox < 121 - RCE
Dec 19, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-6859
HIGH
Firefox < 121.0, Firefox ESR < 115.6, Thunderbird < 115.6 - Use-After-Free in TLS Socket Creation
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6858
HIGH
Firefox < 121.0 and Firefox ESR < 115.6 - Heap Buffer Overflow in nsTextFragment
Dec 19, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-6857
MEDIUM
Firefox < 121.0 and Firefox ESR < 115.6 - Race Condition via Symlink Resolution
Dec 19, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-6856
HIGH
Firefox < 121.0 and Firefox ESR < 115.6 - Remote Code Execution via WebGL DrawElementsInstanced
Dec 19, 2023
CVSS 8.8
EPSS 0.10
CVE-2023-6135
MEDIUM
Firefox < 121.0 - Side-Channel Attack via Minerva on NSS NIST Curves
Dec 19, 2023
CVSS 4.3
EPSS 0.00
Products
firefox 3,130
thunderbird 1,729
seamonkey 704
firefox_esr 488
Firefox 387
Thunderbird 359
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
firefox_focus 20
firefox_mobile 20
Firefox for iOS 19
focus 15
firefox_os 14
nss 6
Focus for iOS 5
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters