mozilla
3,621 tracked vulnerabilities.
CVE-2020-12424
MEDIUM
Firefox < 78.0 - Permission Prompt Bypass via WebRTC URI
Jul 09, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13790
HIGH
libjpeg-turbo 2.0.4 and mozjpeg 4.0.0 - Heap-Based Buffer Over-Read in get_rgb_row
Jun 03, 2020
CVSS 8.1
EPSS 0.03
CVE-2020-6831
CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Out-of-bounds Write via SCTP Chunk Parsing
May 26, 2020
CVSS 9.8
EPSS 0.06
CVE-2020-6830
HIGH
Firefox for iOS < 25.0 - Exposure of Sensitive Information via Bridging Token Leak
May 26, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-12392
MEDIUM
Firefox ESR < 68.8 - Info Disclosure
May 26, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-12391
HIGH
Firefox < 76.0 - Cross-Origin Script Execution via data: URL in OBJECT Element
May 26, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-12390
CRITICAL
Firefox < 76.0 - Incorrect Origin Serialization via IPv6 URL Handling
May 26, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-12389
CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Insufficient Content Process Access Control
May 26, 2020
CVSS 10.0
EPSS 0.02
CVE-2020-12388
CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Content Process Access Control
May 26, 2020
CVSS 10.0
EPSS 0.03
CVE-2020-12387
HIGH
Firefox ESR < 68.8 - Use After Free
May 26, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-12396
CRITICAL
Mozilla Firefox <76 - Memory Corruption
May 26, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-12395
CRITICAL
Mozilla Firefox <76 - Memory Corruption
May 26, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-12394
LOW
Firefox < 76.0 - Location Bar Spoofing via Origin Selection and Focus Removal
May 26, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-12393
HIGH
Firefox ESR < 68.8 - Command Injection
May 26, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-12397
MEDIUM
Thunderbird <68.8.0 - Info Disclosure
May 22, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6828
HIGH
Firefox ESR < 68.7.0 - Path Traversal and Arbitrary File Write via Malicious Android Intent
Apr 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6827
MEDIUM
Firefox for Android - Info Disclosure
Apr 24, 2020
CVSS 4.7
EPSS 0.01
CVE-2020-6826
CRITICAL
Firefox < 75.0 - Out-of-bounds Write
Apr 24, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6825
CRITICAL
Firefox < 75.0 and Firefox ESR < 68.7.0 - Out-of-bounds Write
Apr 24, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6824
LOW
Firefox < 75.0 - Session Fixation via Password Generation in Private Browsing Mode
Apr 24, 2020
CVSS 2.8
EPSS 0.00
CVE-2020-6823
CRITICAL
Firefox < 75.0 - Unauthenticated Authorization Bypass via WebAuthFlow Redirect
Apr 24, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6822
HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Out-of-bounds Write in GMPDecodeData
Apr 24, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6821
HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Information Disclosure via WebGL copyTexSubImage
Apr 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6820
HIGH
KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via ReadableStream Race Condition
Apr 24, 2020
CVSS 8.1
EPSS 0.06
CVE-2020-6819
HIGH
KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via nsDocShell Destructor Race Condition
Apr 24, 2020
CVSS 8.1
EPSS 0.03
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters