mozilla

3,565 tracked vulnerabilities.

CVE-2020-26954 MEDIUM
Firefox < 83.0 - Cross-Origin Attack via Malicious Intent Manifest
Dec 09, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-26953 MEDIUM
Firefox <83- Thunderbird <78.5 - Info Disclosure
Dec 09, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-26952 HIGH
Firefox < 83.0 - Out-of-bounds Write via JIT Compilation
Dec 09, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-26951 MEDIUM
Firefox < 83.0 and Firefox ESR < 78.5 - Cross-Site Scripting via SVG Load Event Bypass
Dec 09, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-26950 HIGH
Firefox MCallGetProperty Write Side Effects Use After Free Exploit
Dec 09, 2020
CVSS 8.8
EPSS 0.48
CVE-2020-6829 MEDIUM
Firefox < 80 - ECDSA Nonce Leak via wNAF Point Multiplication
Oct 28, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-15684 CRITICAL
Firefox < 82.0 - Use-After-Free
Oct 22, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-15683 CRITICAL
Firefox < 82.0 and Firefox ESR < 78.4 - Use-After-Free
Oct 22, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-15682 MEDIUM
Firefox < 82.0 - Origin Spoofing via External Protocol Prompt
Oct 22, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-15681 HIGH
Firefox < 82.0 - Use-After-Free in WASM Thread Shared Stub Table
Oct 22, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-15680 MEDIUM
Firefox < 82.0 - External Protocol Handler Detection via Image Tag
Oct 22, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-25648 HIGH
Network Security Services < 3.58 - Denial of Service via TLS 1.3 CCS Message Flood
Oct 20, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-15646 MEDIUM
Thunderbird <68.10.0 - Info Disclosure
Oct 08, 2020
CVSS 5.9
EPSS 0.00
CVE-2020-12401 MEDIUM
Firefox < 80 - Timing Side-Channel in ECDSA Signature Generation
Oct 08, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-12400 MEDIUM
Firefox <80 - Timing-Based Side Channel
Oct 08, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-15678 HIGH
Firefox < 81.0 and Firefox ESR < 78.3 - Use-After-Free in APZCTreeManager
Oct 01, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-15677 MEDIUM
Firefox < 81.0, Firefox ESR < 78.3, Thunderbird < 78.3 - Open Redirect via Download File Dialog
Oct 01, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-15676 MEDIUM
Firefox < 81.0, Firefox ESR < 78.3, Thunderbird < 78.3 - Cross-Site Scripting via SVG onload Handler
Oct 01, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-15675 HIGH
Firefox < 81.0 - Use-After-Free in Surface Processing
Oct 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-15674 HIGH
Firefox < 81.0 - Memory Corruption
Oct 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-15673 HIGH
Firefox < 81.0 and Firefox ESR < 78.3 - Use-After-Free
Oct 01, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-15671 LOW
Firefox for Android < 80.0 - Password Exposure via InputContext Race Condition
Oct 01, 2020
CVSS 3.1
EPSS 0.00
CVE-2020-15670 HIGH
Firefox < 80 and Firefox ESR < 78.2 - Memory Corruption
Oct 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-15669 HIGH
Firefox ESR < 68.12 and Thunderbird < 68.12 - Use-After-Free via Abort Signal Handling
Oct 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-15668 MEDIUM
Firefox < 80 - Improper Locking in Certificate Trust Database
Oct 01, 2020
CVSS 4.3
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV