mozilla

3,621 tracked vulnerabilities.

CVE-2023-25740 HIGH
Firefox < 110.0 - NTLM Credential Leak via .scf File Download
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25739 HIGH
Firefox < 110.0, Firefox ESR < 102.8, Thunderbird < 102.8 - Use-After-Free in ScriptLoadContext
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25738 MEDIUM
Firefox < 110.0 and Firefox ESR < 102.8 - Out-of-bounds Read via DEVMODEW Struct Validation
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25737 HIGH
Firefox <110, Thunderbird <102.8 - Info Disclosure
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25735 HIGH
Firefox < 110.0, Firefox ESR < 102.8, Thunderbird < 102.8 - Use-After-Free via Scripted Proxy Wrapper
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25734 HIGH
Firefox < 110.0 and Firefox ESR < 102.8 - URL Redirection to Untrusted Site via Windows .url Shortcut
Jun 02, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-25732 HIGH
Firefox < 110.0 and Firefox ESR < 102.8 - Out-of-bounds Write in xpcom inputStream Encoding
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25731 HIGH
Firefox < 110.0 - Privilege Escalation via Developer Tools Network Panel URL Preview
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25730 MEDIUM
Firefox <110, Thunderbird <102.8, Firefox ESR <102.8 - Info Disclosure
Jun 02, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-25729 HIGH
Firefox < 110.0, Firefox ESR < 102.8, Thunderbird < 102.8 - Incorrect Authorization via ExpandedPrincipals
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-25728 MEDIUM
Firefox < 110.0 and Firefox ESR < 102.8 - Information Disclosure via CSP Report-Only Header
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23606 HIGH
Firefox < 109.0 - Out-of-bounds Write
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-23605 HIGH
Firefox < 109 and Firefox ESR < 102.7 - Out-of-bounds Write
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-23604 MEDIUM
Firefox < 109.0 - Incorrect Authorization via DOMParser SystemPrincipal Bypass
Jun 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-23603 MEDIUM
Firefox < 109 and Firefox ESR < 102.7 - Data Exfiltration via Console Log Style Directive
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23602 MEDIUM
Firefox < 109 and Firefox ESR < 102.7 - Content Security Policy Bypass via WebSocket in WebWorker
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23601 MEDIUM
Firefox < 109 and Firefox ESR < 102.7 - Origin Validation Error via Cross-Origin URL Drag
Jun 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-23600 MEDIUM
Firefox < 109.0 - Notification Permission Bypass via Origin Context Mismatch
Jun 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-23599 MEDIUM
Firefox < 109, Firefox ESR < 102.7, Thunderbird < 102.7 - Command I...
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23598 MEDIUM
Firefox <109-102.7 - Info Disclosure
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-23597 MEDIUM
Firefox < 109.0 - Arbitrary File Read via Web Security Bypass
Jun 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-1945 MEDIUM
Thunderbird <102.10 - Memory Corruption
Jun 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-0767 HIGH
Firefox < 110, Thunderbird < 102.8, Firefox ESR < 102.8 - Memory Co...
Jun 02, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-0616 MEDIUM
Thunderbird < 102.8 - Denial of Service via Crafted OpenPGP MIME Email
Jun 02, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-0547 MEDIUM
Thunderbird 68.0-102.9.1 - Improper Certificate Validation in S/MIME Encrypted Email
Jun 02, 2023
CVSS 6.5
EPSS 0.00