mozilla

3,621 tracked vulnerabilities.

CVE-2024-26282 HIGH
Firefox for iOS < 123.0 - Cross-Site Scripting via AMP URL Canonical Element
Feb 22, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-26281 MEDIUM
Firefox for iOS < 123.0 - Cross-Site Scripting via QR Code Scanner
Feb 22, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-1563 HIGH
Firefox Focus < 122.0 - Unauthorized Script Execution via JavaScript URI and Timeout Race Condition
Feb 22, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-1557 HIGH
Firefox < 123.0 - Out-of-bounds Write
Feb 20, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-1556 MEDIUM
Firefox < 123.0 - Invalid Memory Access via Built-in Profiler NULL Check
Feb 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-1555 HIGH
Firefox < 123.0 - SameSite Cookie Bypass via firefox:// Protocol Handler
Feb 20, 2024
CVSS 8.3
EPSS 0.00
CVE-2024-1554 CRITICAL
Firefox < 123.0 - Cache Poisoning via Fetch API Header Mismatch
Feb 20, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-1553 HIGH
Firefox < 123 and Firefox ESR < 115.8 - Memory Corruption
Feb 20, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-1552 HIGH
Firefox < 123, Firefox ESR < 115.8, Thunderbird < 115.8 - Code Inje...
Feb 20, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-1551 MEDIUM
Firefox <123, Firefox ESR <115.8, Thunderbird <115.8 - XSS
Feb 20, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-1550 MEDIUM
Firefox < 123 and ESR < 115.8 - UI Spoofing via Fullscreen and Pointer Lock
Feb 20, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-1549 MEDIUM
Firefox < 123 and ESR < 115.8 - Permission Dialog Spoofing via Large Custom Cursor
Feb 20, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-1548 MEDIUM
Firefox <123, Firefox ESR <115.8, Thunderbird <115.8 - Info Disclosure
Feb 20, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-1547 MEDIUM
Firefox < 123 and ESR < 115.8 - Authentication Bypass by Spoofing via Alert Dialog
Feb 20, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-1546 HIGH
Firefox < 123 and ESR < 115.8 - Out-of-bounds Read in Networking Channel Buffer Handling
Feb 20, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-0953 MEDIUM
Firefox for iOS < 129 - Open Redirect
Feb 05, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-0755 HIGH
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Memory Corruption and Remote Code Execution
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0754 MEDIUM
Firefox < 122.0 - Denial of Service via WASM Source Files in DevTools
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0753 MEDIUM
Firefox < 122, Firefox ESR < 115.7, Thunderbird < 115.7 - Auth Bypass
Jan 23, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-0752 MEDIUM
Firefox < 122.0 - Use-After-Free during macOS Update on Busy System
Jan 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-0751 HIGH
Firefox < 122 and Firefox ESR < 115.7 - Privilege Escalation via Malicious DevTools Extension
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0750 HIGH
Firefox < 122.0, Firefox ESR < 115.7, Thunderbird < 115.7 - Permission Granting via Popup Delay Misrepresentation
Jan 23, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-0749 MEDIUM
Firefox < 122.0 and Firefox ESR < 115.7 - Origin Validation Error via about: Dialog
Jan 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0748 MEDIUM
Firefox < 122.0 - Address Bar Spoofing via Document URI Manipulation
Jan 23, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-0747 MEDIUM
Firefox < 122 - Firefox ESR < 115.7 - Thunderbird < 115.7 - Info Di...
Jan 23, 2024
CVSS 6.5
EPSS 0.01