mozilla

3,621 tracked vulnerabilities.

CVE-2022-22743 MEDIUM
Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5 - Info Disclosure
Dec 22, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-22742 MEDIUM
Firefox < 96.0 and Firefox ESR < 91.5 - Out-of-bounds Read in Edit Mode Text Insertion
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22741 HIGH
Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5 - Info Disclosure
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-22740 HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Use-After-Free in Network Request Handling
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22739 MEDIUM
Firefox ESR < 91.5, Firefox < 96, Thunderbird < 91.5 - CSRF
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-22738 HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Out-of-bounds Write via CSS Filter Effect
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-22737 HIGH
Firefox < 96.0 and Firefox ESR < 91.5 - Use-After-Free via Audio Sink Race Condition
Dec 22, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-22736 HIGH
Firefox < 96.0 - Local Privilege Escalation via World-Writable Installation Directory
Dec 22, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-1887 CRITICAL
Firefox for iOS < 101 - SQL Injection
Dec 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-1834 MEDIUM
Thunderbird < 91.10 - Improper Certificate Validation via Braille Pattern Blank Character
Dec 22, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-1802 HIGH
Firefox < 100.0.2, Firefox ESR < 91.9.1, Thunderbird < 91.9.1 - Privileged JavaScript Execution via Prototype Pollution
Dec 22, 2022
CVSS 8.8
EPSS 0.27
CVE-2022-1529 HIGH
Firefox < 100.0.2 and Firefox ESR < 91.9.1 - Prototype Pollution via Parent Process Message Handling
Dec 22, 2022
CVSS 8.8
EPSS 0.17
CVE-2022-1520 MEDIUM
Thunderbird < 91.9 - Origin Validation Error in Attached Message Security Status Display
Dec 22, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-1197 MEDIUM
Thunderbird < 91.8 - Improper Certificate Validation
Dec 22, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-1196 MEDIUM
Firefox ESR < 91.8 - Use-After-Free in VR Process
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-1097 MEDIUM
Firefox < 99.0 and Firefox ESR < 91.8 - Use-After-Free in NSSToken
Dec 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-0843 HIGH
Firefox < 98 - Out-of-bounds Write
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-0566 HIGH
Thunderbird <91.6.1 - Buffer Overflow
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-0517 HIGH
Mozilla VPN < 2.7.1 - Arbitrary Code Execution via OpenSSL Configuration File
Dec 22, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0511 HIGH
Mozilla Firefox <97 - Memory Corruption
Dec 22, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-4066 LOW
davidmoreno onion - Info Disclosure
Nov 19, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-3479 HIGH
Network Security Services 3.77-3.87 - Denial of Service via Client Auth Crash
Oct 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-21190 HIGH
convict < 6.2.3 - Prototype Pollution via Bypass of CVE-2022-22143 Fix
May 13, 2022
CVSS 7.5
EPSS 0.04
CVE-2022-29167 HIGH
Hawk < 9.0.1 - Denial of Service via Host Header Regular Expression
May 05, 2022
CVSS 7.4
EPSS 0.01
CVE-2022-22143 HIGH
convict <6.2.2 - Prototype Pollution
May 01, 2022
CVSS 7.5
EPSS 0.02