mozilla
3,621 tracked vulnerabilities.
CVE-2022-22743
MEDIUM
Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5 - Info Disclosure
Dec 22, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-22742
MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Out-of-bounds Read in Edit Mode Text Insertion
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22741
HIGH
Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5 - Info Disclosure
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-22740
HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Use-After-Free in Network Request Handling
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22739
MEDIUM
Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5 - CSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22738
HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Out-of-bounds Write via CSS Filter Effect
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22737
HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Use-After-Free via Audio Sink Race Condition
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-22736
HIGH
Firefox < 96.0 - Local Privilege Escalation via World-Writable Installation Directory
Dec 22, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-1887
CRITICAL
Firefox for iOS < 101 - SQL Injection
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-1834
MEDIUM
Thunderbird < 91.10 - Improper Certificate Validation via Braille Pattern Blank Character
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-1802
HIGH
Firefox < 100.0.2, Firefox ESR < 91.9.1, Thunderbird < 91.9.1 - Privileged JavaScript Execution via Prototype Pollution
Dec 22, 2022
CVSS 8.8
EPSS 0.27
CVE-2022-1529
HIGH
Firefox < 100.0.2 and Firefox ESR < 91.9.1 - Prototype Pollution via Parent Process Message Handling
Dec 22, 2022
CVSS 8.8
EPSS 0.17
CVE-2022-1520
MEDIUM
Thunderbird < 91.9 - Origin Validation Error in Attached Message Security Status Display
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-1197
MEDIUM
Thunderbird < 91.8 - Improper Certificate Validation
Dec 22, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-1196
MEDIUM
Firefox ESR < 91.8 - Use-After-Free in VR Process
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-1097
MEDIUM
Firefox < 99.0 and Firefox ESR < 91.8 - Use-After-Free in NSSToken
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-0843
HIGH
Firefox < 98 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-0566
HIGH
Thunderbird <91.6.1 - Buffer Overflow
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-0517
HIGH
Mozilla VPN < 2.7.1 - Arbitrary Code Execution via OpenSSL Configuration File
Dec 22, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0511
HIGH
Mozilla Firefox <97 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-4066
LOW
davidmoreno onion - Info Disclosure
Nov 19, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-3479
HIGH
Network Security Services 3.77-3.87 - Denial of Service via Client Auth Crash
Oct 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-21190
HIGH
convict < 6.2.3 - Prototype Pollution via Bypass of CVE-2022-22143 Fix
May 13, 2022
CVSS 7.5
EPSS 0.04
CVE-2022-29167
HIGH
Hawk < 9.0.1 - Denial of Service via Host Header Regular Expression
May 05, 2022
CVSS 7.4
EPSS 0.01
CVE-2022-22143
HIGH
convict <6.2.2 - Prototype Pollution
May 01, 2022
CVSS 7.5
EPSS 0.02
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters