mozilla

3,565 tracked vulnerabilities.

CVE-2022-45406 CRITICAL
Firefox < 107.0 and Firefox ESR < 102.5 - Use-After-Free in JavaScript Global Realm
Dec 22, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-45405 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Use-After-Free in nsIInputStream
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45404 MEDIUM
Firefox ESR < 102.5, Thunderbird < 102.5, Firefox < 107 - SSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-45403 MEDIUM
Firefox < 107.0, Firefox ESR < 102.5, Thunderbird < 102.5 - Information Disclosure via Cross-Origin Media Timing
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-42932 HIGH
Firefox < 106.0 and Firefox ESR < 102.4 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-42931 LOW
Firefox < 106.0 - Cleartext Storage of Sensitive Information via Form Manager
Dec 22, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-42930 HIGH
Firefox < 106.0 - Race Condition in ThirdPartyUtil via Concurrent CacheStorage Initialization
Dec 22, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-42929 MEDIUM
Firefox < 106.0 and Firefox ESR < 102.4 - Denial of Service via window.print()
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-42928 HIGH
Firefox < 106.0 and Firefox ESR < 102.4 - Memory Corruption via Garbage Collector State
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-42927 HIGH
Firefox < 106 and Firefox ESR < 102.4 - Same-Origin Policy Violation via performance.getEntries()
Dec 22, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-40962 HIGH
Mozilla Firefox <105 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-40961 MEDIUM
Firefox < 105.0 - Out-of-bounds Write via Graphics Driver Name Handling
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-40960 MEDIUM
Firefox ESR < 102.3 & Thunderbird < 102.3 & Firefox < 105 - Use Aft...
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-40959 MEDIUM
Firefox ESR < 102.3, Thunderbird < 102.3, Firefox < 105 - CSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-40958 MEDIUM
Firefox ESR < 102.3, Thunderbird < 102.3, Firefox < 105 - SSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-40957 MEDIUM
Firefox < 105.0 and Firefox ESR < 102.3 - Denial of Service via WASM Cache Inconsistency
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-40956 MEDIUM
Firefox ESR <102.3, Thunderbird <102.3, Firefox <105 - XSS
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-3266 MEDIUM
Firefox ESR < 102.3, Thunderbird < 102.3, Firefox < 105 - Memory Co...
Dec 22, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-3155 HIGH
Thunderbird < 102.3 - Unprotected Application Execution via Missing macOS Quarantine Attribute
Dec 22, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-3034 MEDIUM
Thunderbird <102.2.1-<91.13.1 - XSS
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-3033 HIGH
Thunderbird < 91.13.1 - Cross-Site Scripting via Meta Refresh Tag in HTML Email Reply
Dec 22, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-3032 MEDIUM
Thunderbird <102.2.1-<91.13.1 - XSS
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-38478 HIGH
Mozilla Firefox <104 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-38477 HIGH
Mozilla Firefox <104 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-38476 HIGH
Firefox ESR < 102.2 - Use After Free
Dec 22, 2022
CVSS 7.5
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV