mozilla
3,621 tracked vulnerabilities.
CVE-2024-3856
HIGH
Firefox < 125.0 - Use-After-Free during WASM Array Creation
Apr 16, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-3855
MEDIUM
Firefox < 125.0 - Out-of-bounds Read via MSubstr JIT Optimization
Apr 16, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-3854
HIGH
Firefox < 125 and ESR < 115.10 - Out-of-bounds Read via JIT Switch Statement Optimization
Apr 16, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-3853
HIGH
Firefox < 125.0 - Use-After-Free during JavaScript Realm Initialization
Apr 16, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-3852
HIGH
Firefox < 125 and ESR < 115.10 - Use-After-Free via JIT Optimization
Apr 16, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-3302
LOW
Firefox < 125, Firefox ESR < 115.10, Thunderbird < 115.10 - DoS
Apr 16, 2024
CVSS 3.7
EPSS 0.01
CVE-2024-31393
MEDIUM
Firefox for iOS < 124.0 - Security Bypass via JavaScript URL Drag to Address Bar
Apr 03, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-31392
HIGH
Firefox for iOS <124 - Info Disclosure
Apr 03, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-29944
HIGH
Firefox < 124.0.1 and ESR < 115.9.1 - Arbitrary JavaScript Execution via Privileged Object Event Handler Injection
Mar 22, 2024
CVSS 8.4
EPSS 0.05
CVE-2024-29943
CRITICAL
Firefox < 124.0.1 - Memory Corruption
Mar 22, 2024
CVSS 9.8
EPSS 0.23
CVE-2024-2616
LOW
Firefox ESR < 115.9 - Use After Free
Mar 19, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-2615
CRITICAL
Firefox < 124.0 - Out-of-bounds Write
Mar 19, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-2614
HIGH
Firefox < 124 and ESR < 115.9 - Out-of-bounds Write
Mar 19, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-2613
HIGH
Firefox < 124.0 - Denial of Service via QUIC ACK Frame Decoding
Mar 19, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-2612
HIGH
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - Code Execution
Mar 19, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-2611
MEDIUM
Firefox < 124 and ESR < 115.9 - Permission Grant Spoofing via Pointer Lock
Mar 19, 2024
CVSS 5.5
EPSS 0.01
CVE-2024-2610
MEDIUM
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - Info Disclosure
Mar 19, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-2609
MEDIUM
Firefox <124, Firefox ESR <115.10, Thunderbird <115.10 - CSRF
Mar 19, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-2608
HIGH
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - Buffer Overflow
Mar 19, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-2607
HIGH
Firefox < 124 and ESR < 115.9 - Remote Code Execution via Return Register Overwrite
Mar 19, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-2606
LOW
Firefox < 124.0 - Incorrect Type Conversion in WebAssembly
Mar 19, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-2605
MEDIUM
Firefox <124, Firefox ESR <115.9, Thunderbird <115.9 - RCE
Mar 19, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-1936
HIGH
Thunderbird < 115.8.1 - Insecure Storage of Sensitive Information via Email Subject Cache Contamination
Mar 04, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-26284
MEDIUM
Firefox Focus < 123.0 - Universal Cross-Site Scripting via 302 Redirect
Feb 22, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-26283
HIGH
Firefox for iOS < 123.0 - Cross-Site Scripting via JavaScript URI in Custom Scheme
Feb 22, 2024
CVSS 7.8
EPSS 0.00
Products
firefox 3,179
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 22
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters