mozilla

3,565 tracked vulnerabilities.

CVE-2022-46881 HIGH
Firefox < 106.0, Firefox ESR < 102.6, Thunderbird < 102.6 - Out-of-bounds Write in WebGL
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-46880 MEDIUM
Firefox < 105.0 and Firefox ESR < 102.6 - Use-After-Free via Tex Unit Handling
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-46879 HIGH
Mozilla Firefox <108 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-46878 HIGH
Firefox < 108 and Firefox ESR < 102.6 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-46877 MEDIUM
Firefox < 108.0 - Fullscreen Notification Spoofing
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-46875 MEDIUM
Firefox < 108 & Thunderbird < 102.6 - Command Injection
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-46874 HIGH
Firefox < 108 and Firefox ESR < 102.6 - Code Injection via Filename Truncation
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-46873 HIGH
Firefox < 108.0 - Cross-Site Scripting via CSP unsafe-hashes Directive Bypass
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-46872 HIGH
Firefox <108, Thunderbird <102.6 - Info Disclosure
Dec 22, 2022
CVSS 8.6
EPSS 0.00
CVE-2022-46871 HIGH
Firefox < 108.0 - Use of Unmaintained Third Party Components
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-45421 HIGH
Firefox < 107.0 and Firefox ESR < 102.5 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-45420 MEDIUM
Firefox ESR < 102.5 & Thunderbird < 102.5 & Firefox < 107 - XSS
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45419 MEDIUM
Firefox < 107.0 - Improper Certificate Validation via Deleted Security Exception
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45418 MEDIUM
Firefox ESR < 102.5 & Thunderbird < 102.5 & Firefox < 107 - SSRF
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-45417 MEDIUM
Firefox < 107.0 - Private Browsing Mode Information Disclosure via Service Worker Storage
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-45416 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Keyboard Event Timing Side-Channel
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45415 HIGH
Firefox < 107.0 - Unrestricted Download of File with Dangerous Type via Page Title
Dec 22, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-45414 HIGH
Thunderbird < 102.5.1 - Exposure of Sensitive Information via HTML Email Tag Attributes
Dec 22, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-45413 MEDIUM
Firefox < 107.0 - Open Redirect via browser_fallback_url Parameter
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-45412 HIGH
Firefox < 107.0 and Firefox ESR < 102.5 - Information Disclosure via Symlink Resolution
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-45411 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Cross-Site Tracing via X-Http-Method-Override Header
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-45410 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Missing Authorization via ServiceWorker FetchEvent
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45409 HIGH
Firefox < 107.0 and Firefox ESR < 102.5 - Use-After-Free in Garbage Collector
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-45408 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Spoofing via Window Fullscreen Popup Abuse
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45407 HIGH
Firefox < 107.0 - Use-After-Free via FontFace() on Background Worker
Dec 22, 2022
CVSS 7.5
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV