mozilla

3,621 tracked vulnerabilities.

CVE-2020-12424 MEDIUM
Firefox < 78.0 - Permission Prompt Bypass via WebRTC URI
Jul 09, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-13790 HIGH
libjpeg-turbo 2.0.4 and mozjpeg 4.0.0 - Heap-Based Buffer Over-Read in get_rgb_row
Jun 03, 2020
CVSS 8.1
EPSS 0.03
CVE-2020-6831 CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Out-of-bounds Write via SCTP Chunk Parsing
May 26, 2020
CVSS 9.8
EPSS 0.06
CVE-2020-6830 HIGH
Firefox for iOS < 25.0 - Exposure of Sensitive Information via Bridging Token Leak
May 26, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-12392 MEDIUM
Firefox ESR < 68.8 - Info Disclosure
May 26, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-12391 HIGH
Firefox < 76.0 - Cross-Origin Script Execution via data: URL in OBJECT Element
May 26, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-12390 CRITICAL
Firefox < 76.0 - Incorrect Origin Serialization via IPv6 URL Handling
May 26, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-12389 CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Insufficient Content Process Access Control
May 26, 2020
CVSS 10.0
EPSS 0.02
CVE-2020-12388 CRITICAL
Firefox < 76.0 and Firefox ESR < 68.8.0 - Sandbox Escape via Content Process Access Control
May 26, 2020
CVSS 10.0
EPSS 0.03
CVE-2020-12387 HIGH
Firefox ESR < 68.8 - Use After Free
May 26, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-12396 CRITICAL
Mozilla Firefox <76 - Memory Corruption
May 26, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-12395 CRITICAL
Mozilla Firefox <76 - Memory Corruption
May 26, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-12394 LOW
Firefox < 76.0 - Location Bar Spoofing via Origin Selection and Focus Removal
May 26, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-12393 HIGH
Firefox ESR < 68.8 - Command Injection
May 26, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-12397 MEDIUM
Thunderbird <68.8.0 - Info Disclosure
May 22, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6828 HIGH
Firefox ESR < 68.7.0 - Path Traversal and Arbitrary File Write via Malicious Android Intent
Apr 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6827 MEDIUM
Firefox for Android - Info Disclosure
Apr 24, 2020
CVSS 4.7
EPSS 0.01
CVE-2020-6826 CRITICAL
Firefox < 75.0 - Out-of-bounds Write
Apr 24, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6825 CRITICAL
Firefox < 75.0 and Firefox ESR < 68.7.0 - Out-of-bounds Write
Apr 24, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6824 LOW
Firefox < 75.0 - Session Fixation via Password Generation in Private Browsing Mode
Apr 24, 2020
CVSS 2.8
EPSS 0.00
CVE-2020-6823 CRITICAL
Firefox < 75.0 - Unauthenticated Authorization Bypass via WebAuthFlow Redirect
Apr 24, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6822 HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Out-of-bounds Write in GMPDecodeData
Apr 24, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6821 HIGH
Firefox < 75.0, Firefox ESR < 68.7.0, Thunderbird < 68.7.0 - Information Disclosure via WebGL copyTexSubImage
Apr 24, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6820 HIGH KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via ReadableStream Race Condition
Apr 24, 2020
CVSS 8.1
EPSS 0.06
CVE-2020-6819 HIGH KEV
Firefox < 74.0.1 and ESR < 68.6.1, Thunderbird < 68.7.0 - Use-After-Free via nsDocShell Destructor Race Condition
Apr 24, 2020
CVSS 8.1
EPSS 0.03