mozilla
3,621 tracked vulnerabilities.
CVE-2022-26384
CRITICAL
Firefox <98, Firefox ESR <91.7, Thunderbird <91.7 - XSS
Dec 22, 2022
CVSS 9.6
EPSS 0.01
CVE-2022-26383
MEDIUM
Firefox < 98.0, Firefox ESR < 91.7, and Thunderbird < 91.7 - Fullscreen Notification Bypass via Popup Resizing
Dec 22, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-26382
MEDIUM
Firefox < 98.0 - Information Disclosure via Autofill Tooltip Font Rendering
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-26381
HIGH
Firefox <98- Thunderbird <91.7 - Use After Free
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22764
HIGH
Firefox < 97.0 and Firefox ESR < 91.6 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22763
HIGH
Firefox < 96.0, Firefox ESR < 91.6, Thunderbird < 91.6 - Race Condition in Worker Shutdown
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22762
MEDIUM
Firefox < 97.0 - User Interface Misrepresentation via JavaScript Alert Overlay
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-22761
HIGH
Firefox < 97, Thunderbird < 91.6, Firefox ESR < 91.6 - Info Disclosure
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22760
MEDIUM
Firefox < 97.0 and Firefox ESR < 91.6 - Information Disclosure via Web Worker Resource Import Error Messages
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22759
CRITICAL
Firefox < 97, Thunderbird < 91.6, Firefox ESR < 91.6 - XSS
Dec 22, 2022
CVSS 9.6
EPSS 0.01
CVE-2022-22758
HIGH
Firefox < 97.0 - Cleartext Transmission of Sensitive Information via USSD Code Injection in tel: Links
Dec 22, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-22757
MEDIUM
Firefox < 97.0 - Remote Browser Control via WebDriver Host Header Spoofing
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-22756
HIGH
Firefox < 97.0 and Firefox ESR < 91.6 - Arbitrary Code Execution via Drag-and-Drop Image
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22755
HIGH
Firefox < 97.0 - Use-After-Free via XSL Transforms
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22754
MEDIUM
Firefox < 97.0 and Firefox ESR < 91.6 - Incorrect Authorization via Extension Auto-Update
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22753
HIGH
Firefox < 97.0 and Firefox ESR < 91.6 - Time-of-Check Time-of-Use Race Condition in Maintenance Service
Dec 22, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-22752
HIGH
Firefox < 96.0 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22751
HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22750
MEDIUM
Firefox < 96 - Privilege Escalation
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22749
MEDIUM
Firefox < 96.0 - URL Navigation to Non-Web Content via QR Code Scanner
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-22748
MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Origin Spoofing via External URL Protocol Handler
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22747
MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Denial of Service via Empty PKCS7 Sequence
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22746
MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Fullscreen Notification Bypass via Race Condition
Dec 22, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-22745
MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Exposure of Sensitive Information via Security Policy Violation Events
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22744
HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Command Injection via DevTools Copy as curl
Dec 22, 2022
CVSS 8.8
EPSS 0.01
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters