mozilla

3,621 tracked vulnerabilities.

CVE-2022-34477 HIGH
Firefox < 102.0 - Cross-Site Leak via MediaError Message Inconsistency
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34476 CRITICAL
Firefox < 102.0 - ASN.1 Parsing Vulnerability via Malformed Indefinite SEQUENCE
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34475 MEDIUM
Firefox < 102.0 - Cross-Site Scripting via SVG Use Tag and HTML Sanitizer API
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-34474 MEDIUM
Firefox < 102.0 - Open Redirect via Sandboxed Iframe
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-34473 MEDIUM
Firefox < 102.0 - Cross-Site Scripting via SVG xlink:href Attribute
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-34472 MEDIUM
Firefox <102, Thunderbird <91.11 - Info Disclosure
Dec 22, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34471 MEDIUM
Firefox < 102.0 - Addon Downgrade via Manifest Version Mismatch
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-34470 CRITICAL
Firefox < 102.0 and Firefox ESR < 91.11 - Use-After-Free in Session History Navigation
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34469 HIGH
Firefox for Android < 102.0 - Improper Certificate Validation
Dec 22, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-34468 HIGH
Firefox < 102.0 and Firefox ESR < 91.11 - Script Execution via JavaScript Link Click
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-31748 CRITICAL
Firefox < 101 - Memory Corruption
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31747 CRITICAL
Firefox < 101 and Firefox ESR < 91.10 - Memory Corruption
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31746 MEDIUM
Firefox for iOS < 102.0 - Exposure of Sensitive Information via Referrer Header
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-31745 MEDIUM
Firefox < 101.0 - Use-After-Free via Garbage Collector Array Shift Confusion
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-31744 MEDIUM
Firefox < 101.0 and Firefox ESR < 91.11 - Cross-Site Scripting via CSS Injection in Internal URI Stylesheets
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-31743 MEDIUM
Firefox < 101.0 - Cross-Site Scripting via HTML Comment Parsing Incongruity
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-31742 MEDIUM
Firefox < 101 and Firefox ESR < 91.10 - Cross-Origin Account Linking via WebAuthn Timing Attack
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-31741 HIGH
Firefox < 101 and Firefox ESR < 91.10 - Use of Uninitialized Resource via Crafted CMS Message
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-31740 HIGH
Firefox < 101.0 and Firefox ESR < 91.10 - Memory Corruption via WASM Assembly Generation
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-31739 HIGH
Firefox < 101 and Firefox ESR < 91.10 - Path Traversal via Unescaped % Character in Download Path
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-31738 MEDIUM
Firefox < 101 and Firefox ESR < 91.10 - Authentication Bypass by Spoofing via Fullscreen Mode Exit
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-31737 CRITICAL
Firefox < 101 and Firefox ESR < 91.10 - Out-of-bounds Write in WebGL
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31736 CRITICAL
Firefox < 101 and Firefox ESR < 91.10 - Cross-Origin Resource Size Leak via Range Requests
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-2505 HIGH
Mozilla Firefox <103 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-2226 MEDIUM
Thunderbird < 91.11 and < 102 - Digital Signature Replay Attack via Date Mismatch
Dec 22, 2022
CVSS 6.5
EPSS 0.00