mozilla

3,621 tracked vulnerabilities.

CVE-2022-26384 CRITICAL
Firefox <98, Firefox ESR <91.7, Thunderbird <91.7 - XSS
Dec 22, 2022
CVSS 9.6
EPSS 0.01
CVE-2022-26383 MEDIUM
Firefox < 98.0, Firefox ESR < 91.7, and Thunderbird < 91.7 - Fullscreen Notification Bypass via Popup Resizing
Dec 22, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-26382 MEDIUM
Firefox < 98.0 - Information Disclosure via Autofill Tooltip Font Rendering
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-26381 HIGH
Firefox <98- Thunderbird <91.7 - Use After Free
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22764 HIGH
Firefox < 97.0 and Firefox ESR < 91.6 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22763 HIGH
Firefox < 96.0, Firefox ESR < 91.6, Thunderbird < 91.6 - Race Condition in Worker Shutdown
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22762 MEDIUM
Firefox < 97.0 - User Interface Misrepresentation via JavaScript Alert Overlay
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-22761 HIGH
Firefox < 97, Thunderbird < 91.6, Firefox ESR < 91.6 - Info Disclosure
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22760 MEDIUM
Firefox < 97.0 and Firefox ESR < 91.6 - Information Disclosure via Web Worker Resource Import Error Messages
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22759 CRITICAL
Firefox < 97, Thunderbird < 91.6, Firefox ESR < 91.6 - XSS
Dec 22, 2022
CVSS 9.6
EPSS 0.01
CVE-2022-22758 HIGH
Firefox < 97.0 - Cleartext Transmission of Sensitive Information via USSD Code Injection in tel: Links
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-22757 MEDIUM
Firefox < 97.0 - Remote Browser Control via WebDriver Host Header Spoofing
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22756 HIGH
Firefox < 97.0 and Firefox ESR < 91.6 - Arbitrary Code Execution via Drag-and-Drop Image
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22755 HIGH
Firefox < 97.0 - Use-After-Free via XSL Transforms
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22754 MEDIUM
Firefox < 97.0 and Firefox ESR < 91.6 - Incorrect Authorization via Extension Auto-Update
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22753 HIGH
Firefox < 97.0 and Firefox ESR < 91.6 - Time-of-Check Time-of-Use Race Condition in Maintenance Service
Dec 22, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-22752 HIGH
Firefox < 96.0 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22751 HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22750 MEDIUM
Firefox < 96 - Privilege Escalation
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22749 MEDIUM
Firefox < 96.0 - URL Navigation to Non-Web Content via QR Code Scanner
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-22748 MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Origin Spoofing via External URL Protocol Handler
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22747 MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Denial of Service via Empty PKCS7 Sequence
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22746 MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Fullscreen Notification Bypass via Race Condition
Dec 22, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-22745 MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Exposure of Sensitive Information via Security Policy Violation Events
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22744 HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Command Injection via DevTools Copy as curl
Dec 22, 2022
CVSS 8.8
EPSS 0.01