mozilla

3,565 tracked vulnerabilities.

CVE-2022-34471 MEDIUM
Firefox < 102.0 - Addon Downgrade via Manifest Version Mismatch
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-34470 CRITICAL
Firefox < 102.0 and Firefox ESR < 91.11 - Use-After-Free in Session History Navigation
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34469 HIGH
Firefox for Android < 102.0 - Improper Certificate Validation
Dec 22, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-34468 HIGH
Firefox < 102.0 and Firefox ESR < 91.11 - Script Execution via JavaScript Link Click
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-31748 CRITICAL
Firefox < 101 - Memory Corruption
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31747 CRITICAL
Firefox < 101 and Firefox ESR < 91.10 - Memory Corruption
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31746 MEDIUM
Firefox for iOS < 102.0 - Exposure of Sensitive Information via Referrer Header
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-31745 MEDIUM
Firefox < 101.0 - Use-After-Free via Garbage Collector Array Shift Confusion
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-31744 MEDIUM
Firefox < 101.0 and Firefox ESR < 91.11 - Cross-Site Scripting via CSS Injection in Internal URI Stylesheets
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-31743 MEDIUM
Firefox < 101.0 - Cross-Site Scripting via HTML Comment Parsing Incongruity
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-31742 MEDIUM
Firefox < 101 and Firefox ESR < 91.10 - Cross-Origin Account Linking via WebAuthn Timing Attack
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-31741 HIGH
Firefox < 101 and Firefox ESR < 91.10 - Use of Uninitialized Resource via Crafted CMS Message
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-31740 HIGH
Firefox < 101.0 and Firefox ESR < 91.10 - Memory Corruption via WASM Assembly Generation
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-31739 HIGH
Firefox < 101 and Firefox ESR < 91.10 - Path Traversal via Unescaped % Character in Download Path
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-31738 MEDIUM
Firefox < 101 and Firefox ESR < 91.10 - Authentication Bypass by Spoofing via Fullscreen Mode Exit
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-31737 CRITICAL
Firefox < 101 and Firefox ESR < 91.10 - Out-of-bounds Write in WebGL
Dec 22, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-31736 CRITICAL
Firefox < 101 and Firefox ESR < 91.10 - Cross-Origin Resource Size Leak via Range Requests
Dec 22, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-2505 HIGH
Mozilla Firefox <103 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-2226 MEDIUM
Thunderbird < 91.11 and < 102 - Digital Signature Replay Attack via Date Mismatch
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-2200 HIGH
Firefox < 102.0 and Firefox ESR < 91.11 - Prototype Pollution leading to Privileged Code Execution
Dec 22, 2022
CVSS 8.8
EPSS 0.06
CVE-2022-29918 HIGH
Firefox < 100.0 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-29917 CRITICAL
Firefox < 100.0 and Firefox ESR < 91.9 - Out-of-bounds Write
Dec 22, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-29916 MEDIUM
Firefox < 100.0 and Firefox ESR < 91.9 - Browser History Probing via CSS Variable Resource Loading
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-29915 MEDIUM
Firefox < 100.0 - Origin Validation Error via Performance API
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-29914 MEDIUM
Firefox < 100.0 and Firefox ESR < 91.9 - UI Spoofing via Fullscreen Notification Overlay
Dec 22, 2022
CVSS 6.5
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV