mozilla

3,565 tracked vulnerabilities.

CVE-2020-6809 HIGH
Firefox < 74.0 - Unauthenticated Arbitrary File Read via Web Extension Fetch Request
Mar 25, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-6808 MEDIUM
Firefox < 74.0 - Authentication Bypass by Spoofing via JavaScript URL Evaluation
Mar 25, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-6807 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Use-After-Free via Stream Reinitialization
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6806 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Out-of-bounds Read via Promise Resolution
Mar 25, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-6805 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Use-After-Free in Quota Manager
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6816 MEDIUM
Mozilla Bleach < 3.1.2 - Cross-Site Scripting via RCDATA with SVG or Math Tags
Mar 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-6802 MEDIUM
Mozilla Bleach < 3.1.1 - Cross-Site Scripting via Mutation with Raw Tag
Mar 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-6801 HIGH
Firefox < 73.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6800 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6799 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Command Injection via Shell Handler File Type Association
Mar 02, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6798 MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Cross-Site Scripting via Template Tag in Select Element
Mar 02, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-6797 MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Arbitrary Application Launch via .fileloc Extension
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6796 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write via Crash Reporting Shared Memory
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6795 MEDIUM
Thunderbird < 68.5.0 - Null Pointer Dereference in S/MIME Signature Processing
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6794 MEDIUM
Thunderbird <68.5 - Info Disclosure
Mar 02, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-6793 MEDIUM
Thunderbird < 68.5.0 - Use of Uninitialized Resource via Ill-Formed Email Envelope
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6792 MEDIUM
Thunderbird < 68.5.0 - Information Disclosure via Uninitialized Memory in Email Identifier Derivation
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6804 HIGH
Mozilla WebThings Gateway 0.3.0-0.11.0 - Reflected Cross-Site Scripting via Crafted URL
Feb 28, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6803 MEDIUM
Mozilla WebThings Gateway < 2020-02-26 - Open Redirect via Login Page
Feb 28, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-25136 CRITICAL
Firefox < 70.0 - Remote Code Execution via XBL Bindings Injection
Jun 19, 2023
CVSS 10.0
EPSS 0.00
CVE-2019-17003 MEDIUM
Firefox < 25.0 - Cross-Site Scripting via QR Code JavaScript URL
Feb 16, 2023
CVSS 6.1
EPSS 0.00
CVE-2019-17007 HIGH
Network Security Services < 3.44 - Denial of Service via Malformed Netscape Certificate Sequence
Oct 22, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-17006 CRITICAL
Siemens Ruggedcom ROX MX5000 Firmware < 2.14.0 - Buffer Overflow via Missing Length Checks
Oct 22, 2020
CVSS 9.8
EPSS 0.03
CVE-2019-17026 HIGH KEV
Firefox < 72.0.1 and Firefox ESR < 68.4.1 - Type Confusion in IonMonkey JIT Compiler
Mar 02, 2020
CVSS 8.8
EPSS 0.60
CVE-2019-9812 CRITICAL
Firefox < 60.9 - Sandbox Escape via Malicious Firefox Sync Account
Jan 08, 2020
CVSS 9.3
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV