mozilla
3,621 tracked vulnerabilities.
CVE-2024-26282
HIGH
Firefox for iOS < 123.0 - Cross-Site Scripting via AMP URL Canonical Element
Feb 22, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-26281
MEDIUM
Firefox for iOS < 123.0 - Cross-Site Scripting via QR Code Scanner
Feb 22, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-1563
HIGH
Firefox Focus < 122.0 - Unauthorized Script Execution via JavaScript URI and Timeout Race Condition
Feb 22, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-1557
HIGH
Firefox < 123.0 - Out-of-bounds Write
Feb 20, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-1556
MEDIUM
Firefox < 123.0 - Invalid Memory Access via Built-in Profiler NULL Check
Feb 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-1555
HIGH
Firefox < 123.0 - SameSite Cookie Bypass via firefox:// Protocol Handler
Feb 20, 2024
CVSS 8.3
EPSS 0.00
CVE-2024-1554
CRITICAL
Firefox < 123.0 - Cache Poisoning via Fetch API Header Mismatch
Feb 20, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-1553
HIGH
Firefox < 123 and Firefox ESR < 115.8 - Memory Corruption
Feb 20, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-1552
HIGH
Firefox < 123, Firefox ESR < 115.8, Thunderbird < 115.8 - Code Inje...
Feb 20, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-1551
MEDIUM
Firefox <123, Firefox ESR <115.8, Thunderbird <115.8 - XSS
Feb 20, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-1550
MEDIUM
Firefox < 123 and ESR < 115.8 - UI Spoofing via Fullscreen and Pointer Lock
Feb 20, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-1549
MEDIUM
Firefox < 123 and ESR < 115.8 - Permission Dialog Spoofing via Large Custom Cursor
Feb 20, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-1548
MEDIUM
Firefox <123, Firefox ESR <115.8, Thunderbird <115.8 - Info Disclosure
Feb 20, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-1547
MEDIUM
Firefox < 123 and ESR < 115.8 - Authentication Bypass by Spoofing via Alert Dialog
Feb 20, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-1546
HIGH
Firefox < 123 and ESR < 115.8 - Out-of-bounds Read in Networking Channel Buffer Handling
Feb 20, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-0953
MEDIUM
Firefox for iOS < 129 - Open Redirect
Feb 05, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-0755
HIGH
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Memory Corruption and Remote Code Execution
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0754
MEDIUM
Firefox < 122.0 - Denial of Service via WASM Source Files in DevTools
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0753
MEDIUM
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Auth Bypass
Jan 23, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-0752
MEDIUM
Firefox < 122.0 - Use-After-Free during macOS Update on Busy System
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0751
HIGH
Firefox < 122 and Firefox ESR < 115.7 - Privilege Escalation via Malicious DevTools Extension
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0750
HIGH
Firefox < 122.0, Firefox ESR < 115.7, Thunderbird < 115.7 - Permission Granting via Popup Delay Misrepresentation
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0749
MEDIUM
Firefox < 122.0 and Firefox ESR < 115.7 - Origin Validation Error via about: Dialog
Jan 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0748
MEDIUM
Firefox < 122.0 - Address Bar Spoofing via Document URI Manipulation
Jan 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0747
MEDIUM
Firefox < 122 - Firefox ESR < 115.7 - Thunderbird < 115.7 - Info Di...
Jan 23, 2024
CVSS 6.5
EPSS 0.01
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters