mozilla
3,621 tracked vulnerabilities.
CVE-2020-26960
HIGH
Firefox < 83.0 and Firefox ESR < 78.5 - Use-After-Free via nsTArray Compact Method
Dec 09, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-26959
HIGH
Firefox <83, Firefox ESR <78.5, Thunderbird <78.5 - Use After Free
Dec 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-26958
MEDIUM
Firefox < 83.0, Firefox ESR < 78.5, and Thunderbird < 78.5 - Cross-Site Scripting via ServiceWorker Cached Response
Dec 09, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-26957
MEDIUM
Firefox for Android < 83.0 - Certificate Revocation Bypass via Missing OneCRL Service Initialization
Dec 09, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-26956
MEDIUM
Firefox <83 - Firefox ESR <78.5 - Thunderbird <78.5 - XSS
Dec 09, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-26955
MEDIUM
Firefox for Android < 83.0 - Cookie Reuse Across Private and Non-Private Browsing Modes
Dec 09, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-26954
MEDIUM
Firefox < 83.0 - Cross-Origin Attack via Malicious Intent Manifest
Dec 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26953
MEDIUM
Firefox <83- Thunderbird <78.5 - Info Disclosure
Dec 09, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-26952
HIGH
Firefox < 83.0 - Out-of-bounds Write via JIT Compilation
Dec 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-26951
MEDIUM
Firefox < 83.0 and Firefox ESR < 78.5 - Cross-Site Scripting via SVG Load Event Bypass
Dec 09, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-26950
HIGH
Firefox MCallGetProperty Write Side Effects Use After Free Exploit
Dec 09, 2020
CVSS 8.8
EPSS 0.42
CVE-2020-6829
MEDIUM
Firefox < 80 - ECDSA Nonce Leak via wNAF Point Multiplication
Oct 28, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-15684
CRITICAL
Firefox < 82.0 - Use-After-Free
Oct 22, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-15683
CRITICAL
Firefox < 82.0 and Firefox ESR < 78.4 - Use-After-Free
Oct 22, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-15682
MEDIUM
Firefox < 82.0 - Origin Spoofing via External Protocol Prompt
Oct 22, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-15681
HIGH
Firefox < 82.0 - Use-After-Free in WASM Thread Shared Stub Table
Oct 22, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-15680
MEDIUM
Firefox < 82.0 - External Protocol Handler Detection via Image Tag
Oct 22, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-25648
HIGH
Network Security Services < 3.58 - Denial of Service via TLS 1.3 CCS Message Flood
Oct 20, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-15646
MEDIUM
Thunderbird <68.10.0 - Info Disclosure
Oct 08, 2020
CVSS 5.9
EPSS 0.01
CVE-2020-12401
MEDIUM
Firefox < 80 - Timing Side-Channel in ECDSA Signature Generation
Oct 08, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-12400
MEDIUM
Firefox <80 - Timing-Based Side Channel
Oct 08, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-15678
HIGH
Firefox < 81.0 and Firefox ESR < 78.3 - Use-After-Free in APZCTreeManager
Oct 01, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-15677
MEDIUM
Firefox < 81.0, Firefox ESR < 78.3, Thunderbird < 78.3 - Open Redirect via Download File Dialog
Oct 01, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-15676
MEDIUM
Firefox < 81.0, Firefox ESR < 78.3, Thunderbird < 78.3 - Cross-Site Scripting via SVG onload Handler
Oct 01, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-15675
HIGH
Firefox < 81.0 - Use-After-Free in Surface Processing
Oct 01, 2020
CVSS 8.8
EPSS 0.01
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters