mozilla

3,621 tracked vulnerabilities.

CVE-2020-6815 CRITICAL
Firefox < 74.0 - Out-of-bounds Write
Mar 25, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6814 CRITICAL
Firefox < 74.0 and Firefox ESR < 68.6.0 - Out-of-bounds Write
Mar 25, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6813 MEDIUM
Firefox < 74.0 - Content Security Policy Bypass via CSS @import Statement
Mar 25, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-6812 MEDIUM
Firefox < 74.0 and Firefox ESR < 68.6.0 - Exposure of Sensitive Information via AirPods Device Name Enumeration
Mar 25, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-6811 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Command Injection via Devtools Copy as cURL
Mar 25, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-6810 MEDIUM
Firefox < 74.0 - Authentication Bypass by Spoofing via Fullscreen Mode Popup
Mar 25, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6809 HIGH
Firefox < 74.0 - Unauthenticated Arbitrary File Read via Web Extension Fetch Request
Mar 25, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6808 MEDIUM
Firefox < 74.0 - Authentication Bypass by Spoofing via JavaScript URL Evaluation
Mar 25, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6807 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Use-After-Free via Stream Reinitialization
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6806 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Out-of-bounds Read via Promise Resolution
Mar 25, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-6805 HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Use-After-Free in Quota Manager
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6816 MEDIUM
Mozilla Bleach < 3.1.2 - Cross-Site Scripting via RCDATA with SVG or Math Tags
Mar 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6802 MEDIUM
Mozilla Bleach < 3.1.1 - Cross-Site Scripting via Mutation with Raw Tag
Mar 24, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-6801 HIGH
Firefox < 73.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6800 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-6799 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Command Injection via Shell Handler File Type Association
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6798 MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Cross-Site Scripting via Template Tag in Select Element
Mar 02, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-6797 MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Arbitrary Application Launch via .fileloc Extension
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6796 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write via Crash Reporting Shared Memory
Mar 02, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-6795 MEDIUM
Thunderbird < 68.5.0 - Null Pointer Dereference in S/MIME Signature Processing
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6794 MEDIUM
Thunderbird <68.5 - Info Disclosure
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6793 MEDIUM
Thunderbird < 68.5.0 - Use of Uninitialized Resource via Ill-Formed Email Envelope
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6792 MEDIUM
Thunderbird < 68.5.0 - Information Disclosure via Uninitialized Memory in Email Identifier Derivation
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6804 HIGH
Mozilla WebThings Gateway 0.3.0-0.11.0 - Reflected Cross-Site Scripting via Crafted URL
Feb 28, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6803 MEDIUM
Mozilla WebThings Gateway < 2020-02-26 - Open Redirect via Login Page
Feb 28, 2020
CVSS 5.4
EPSS 0.01