mozilla

3,621 tracked vulnerabilities.

CVE-2022-2200 HIGH
Firefox < 102.0 and Firefox ESR < 91.11 - Prototype Pollution leading to Privileged Code Execution
Dec 22, 2022
CVSS 8.8
EPSS 0.24
CVE-2022-29918 HIGH
Firefox < 100.0 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-29917 CRITICAL
Firefox < 100.0 and Firefox ESR < 91.9 - Out-of-bounds Write
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-29916 MEDIUM
Firefox < 100.0 and Firefox ESR < 91.9 - Browser History Probing via CSS Variable Resource Loading
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-29915 MEDIUM
Firefox < 100.0 - Origin Validation Error via Performance API
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-29914 MEDIUM
Firefox < 100.0 and Firefox ESR < 91.9 - UI Spoofing via Fullscreen Notification Overlay
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-29913 MEDIUM
Thunderbird < 91.9 - Improper Authorization via Speech Synthesis Feature
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-29912 MEDIUM
Firefox < 100.0 and Firefox ESR < 91.9 - Open Redirect via Reader Mode
Dec 22, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-29911 MEDIUM
Thunderbird <91.9 & Firefox <100 - XSS
Dec 22, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-29910 MEDIUM
Firefox for Android < 100.0 - HSTS Bypass via Improper Persistence
Dec 22, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-29909 HIGH
Firefox < 100.0 and Firefox ESR < 91.9 - Incorrect Default Permissions via Cross-Origin Browsing Context
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28289 HIGH
Firefox < 99.0 and Firefox ESR < 91.8 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28288 HIGH
Firefox < 99.0 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28287 MEDIUM
Firefox < 99.0 - Denial of Service via Text Selection Caching
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28286 MEDIUM
Firefox < 99.0 and Firefox ESR < 91.8 - UI Spoofing via Iframe Layout Rendering
Dec 22, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-28285 MEDIUM
Firefox < 99.0 and Firefox ESR < 91.8 - Out-of-bounds Read in MLoadTypedArrayElementHole
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28284 HIGH
Firefox < 99.0 - Cross-Site Scripting via SVG Use Element
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28283 MEDIUM
Firefox < 99.0 - Unauthenticated Arbitrary File Read via DevTools sourceMapURL
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-28282 MEDIUM
Firefox < 99.0 and Firefox ESR < 91.8 - Use-After-Free via Localization Link
Dec 22, 2022
CVSS 6.5
EPSS 0.02
CVE-2022-28281 HIGH
Firefox < 99.0 and Firefox ESR < 91.8 - Out-of-bounds Write via WebAuthN Extensions
Dec 22, 2022
CVSS 8.8
EPSS 0.03
CVE-2022-26486 CRITICAL KEV
Firefox < 97.0.2, ESR < 91.6.1, Android < 97.3.0, Thunderbird < 91.6.2, Focus < 97.3.0 - Use-After-Free via WebGPU IPC
Dec 22, 2022
CVSS 9.6
EPSS 0.02
CVE-2022-26485 HIGH KEV
Firefox < 97.0.2 - Use After Free
Dec 22, 2022
CVSS 8.8
EPSS 0.14
CVE-2022-26387 HIGH
Firefox < 98 and Firefox ESR < 91.7 - Time-of-check Time-of-use Race Condition in Add-on Installation
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-26386 MEDIUM
Firefox ESR < 91.7 - Info Disclosure
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-26385 MEDIUM
Firefox < 98.0 - Use-After-Free during Thread Shutdown
Dec 22, 2022
CVSS 6.5
EPSS 0.01