mozilla

3,565 tracked vulnerabilities.

CVE-2020-12390 CRITICAL
Firefox < 76.0 - Incorrect Origin Serialization via IPv6 URL Handling
May 26, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-12389 CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Insufficient Content Process Access Control
May 26, 2020
CVSS 10.0
EPSS 0.01
CVE-2020-12388 CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Content Process Access Control
May 26, 2020
CVSS 10.0
EPSS 0.01
CVE-2020-12387 HIGH
Firefox ESR < 68.8 - Use After Free
May 26, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-12396 CRITICAL
Mozilla Firefox <76 - Memory Corruption
May 26, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-12395 CRITICAL
Mozilla Firefox <76 - Memory Corruption
May 26, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-12394 LOW
Firefox < 76.0 - Location Bar Spoofing via Origin Selection and Focus Removal
May 26, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-12393 HIGH
Firefox ESR < 68.8 - Command Injection
May 26, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-12397 MEDIUM
Thunderbird <68.8.0 - Info Disclosure
May 22, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-6828 HIGH
Firefox ESR < 68.7.0 - Path Traversal and Arbitrary File Write via Malicious Android Intent
Apr 24, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-6827 MEDIUM
Firefox for Android - Info Disclosure
Apr 24, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-6826 CRITICAL
Firefox < 75.0 - Out-of-bounds Write
Apr 24, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-6825 CRITICAL
Firefox < 75.0 and Firefox ESR < 68.7.0 - Out-of-bounds Write
Apr 24, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6824 LOW
Firefox < 75.0 - Session Fixation via Password Generation in Private Browsing Mode
Apr 24, 2020
CVSS 2.8
EPSS 0.00
CVE-2020-6823 CRITICAL
Firefox < 75.0 - Unauthenticated Authorization Bypass via WebAuthFlow Redirect
Apr 24, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6822 HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Out-of-bounds Write in GMPDecodeData
Apr 24, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6821 HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Information Disclosure via WebGL copyTexSubImage
Apr 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6820 HIGH KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via ReadableStream Race Condition
Apr 24, 2020
CVSS 8.1
EPSS 0.03
CVE-2020-6819 HIGH KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via nsDocShell Destructor Race Condition
Apr 24, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-6815 CRITICAL
Firefox < 74.0 - Out-of-bounds Write
Mar 25, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-6814 CRITICAL
Firefox < 74.0 and Firefox ESR < 68.6.0 - Out-of-bounds Write
Mar 25, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6813 MEDIUM
Firefox < 74.0 - Content Security Policy Bypass via CSS @import Statement
Mar 25, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-6812 MEDIUM
Firefox < 74.0 and Firefox ESR < 68.6.0 - Exposure of Sensitive Information via AirPods Device Name Enumeration
Mar 25, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-6811 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Command Injection via Devtools Copy as cURL
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6810 MEDIUM
Firefox < 74.0 - Authentication Bypass by Spoofing via Fullscreen Mode Popup
Mar 25, 2020
CVSS 4.3
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV