mozilla

3,621 tracked vulnerabilities.

CVE-2022-45412 HIGH
Firefox < 107.0 and Firefox ESR < 102.5 - Information Disclosure via Symlink Resolution
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-45411 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Cross-Site Tracing via X-Http-Method-Override Header
Dec 22, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-45410 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Missing Authorization via ServiceWorker FetchEvent
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45409 HIGH
Firefox < 107.0 and Firefox ESR < 102.5 - Use-After-Free in Garbage Collector
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-45408 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Spoofing via Window Fullscreen Popup Abuse
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45407 HIGH
Firefox < 107.0 - Use-After-Free via FontFace() on Background Worker
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45406 CRITICAL
Firefox < 107.0 and Firefox ESR < 102.5 - Use-After-Free in JavaScript Global Realm
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45405 MEDIUM
Firefox < 107.0 and Firefox ESR < 102.5 - Use-After-Free in nsIInputStream
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45404 MEDIUM
Firefox ESR < 102.5, Thunderbird < 102.5, Firefox < 107 - SSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-45403 MEDIUM
Firefox < 107.0, Firefox ESR < 102.5, Thunderbird < 102.5 - Information Disclosure via Cross-Origin Media Timing
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-42932 HIGH
Firefox < 106.0 and Firefox ESR < 102.4 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-42931 LOW
Firefox < 106.0 - Cleartext Storage of Sensitive Information via Form Manager
Dec 22, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-42930 HIGH
Firefox < 106.0 - Race Condition in ThirdPartyUtil via Concurrent CacheStorage Initialization
Dec 22, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-42929 MEDIUM
Firefox < 106.0 and Firefox ESR < 102.4 - Denial of Service via window.print()
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-42928 HIGH
Firefox < 106.0 and Firefox ESR < 102.4 - Memory Corruption via Garbage Collector State
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-42927 HIGH
Firefox < 106 and Firefox ESR < 102.4 - Same-Origin Policy Violation via performance.getEntries()
Dec 22, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-40962 HIGH
Mozilla Firefox <105 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-40961 MEDIUM
Firefox < 105.0 - Out-of-bounds Write via Graphics Driver Name Handling
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40960 MEDIUM
Firefox ESR < 102.3 & Thunderbird < 102.3 & Firefox < 105 - Use Aft...
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40959 MEDIUM
Firefox ESR < 102.3, Thunderbird < 102.3, Firefox < 105 - CSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40958 MEDIUM
Firefox ESR < 102.3, Thunderbird < 102.3, Firefox < 105 - SSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40957 MEDIUM
Firefox < 105.0 and Firefox ESR < 102.3 - Denial of Service via WASM Cache Inconsistency
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-40956 MEDIUM
Firefox ESR <102.3, Thunderbird <102.3, Firefox <105 - XSS
Dec 22, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-3266 MEDIUM
Firefox ESR < 102.3, Thunderbird < 102.3, Firefox < 105 - Memory Co...
Dec 22, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-3155 HIGH
Thunderbird < 102.3 - Unprotected Application Execution via Missing macOS Quarantine Attribute
Dec 22, 2022
CVSS 7.8
EPSS 0.00