mozilla
3,621 tracked vulnerabilities.
CVE-2020-6815
CRITICAL
Firefox < 74.0 - Out-of-bounds Write
Mar 25, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-6814
CRITICAL
Firefox < 74.0 and Firefox ESR < 68.6.0 - Out-of-bounds Write
Mar 25, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-6813
MEDIUM
Firefox < 74.0 - Content Security Policy Bypass via CSS @import Statement
Mar 25, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-6812
MEDIUM
Firefox < 74.0 and Firefox ESR < 68.6.0 - Exposure of Sensitive Information via AirPods Device Name Enumeration
Mar 25, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-6811
HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Command Injection via Devtools Copy as cURL
Mar 25, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-6810
MEDIUM
Firefox < 74.0 - Authentication Bypass by Spoofing via Fullscreen Mode Popup
Mar 25, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6809
HIGH
Firefox < 74.0 - Unauthenticated Arbitrary File Read via Web Extension Fetch Request
Mar 25, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6808
MEDIUM
Firefox < 74.0 - Authentication Bypass by Spoofing via JavaScript URL Evaluation
Mar 25, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6807
HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Use-After-Free via Stream Reinitialization
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6806
HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Out-of-bounds Read via Promise Resolution
Mar 25, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-6805
HIGH
Firefox < 74.0 and Firefox ESR < 68.6.0 - Use-After-Free in Quota Manager
Mar 25, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6816
MEDIUM
Mozilla Bleach < 3.1.2 - Cross-Site Scripting via RCDATA with SVG or Math Tags
Mar 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-6802
MEDIUM
Mozilla Bleach < 3.1.1 - Cross-Site Scripting via Mutation with Raw Tag
Mar 24, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-6801
HIGH
Firefox < 73.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6800
HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-6799
HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Command Injection via Shell Handler File Type Association
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6798
MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Cross-Site Scripting via Template Tag in Select Element
Mar 02, 2020
CVSS 6.1
EPSS 0.02
CVE-2020-6797
MEDIUM
Firefox < 73.0 and Firefox ESR < 68.5.0 - Arbitrary Application Launch via .fileloc Extension
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6796
HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write via Crash Reporting Shared Memory
Mar 02, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-6795
MEDIUM
Thunderbird < 68.5.0 - Null Pointer Dereference in S/MIME Signature Processing
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6794
MEDIUM
Thunderbird <68.5 - Info Disclosure
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6793
MEDIUM
Thunderbird < 68.5.0 - Use of Uninitialized Resource via Ill-Formed Email Envelope
Mar 02, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-6792
MEDIUM
Thunderbird < 68.5.0 - Information Disclosure via Uninitialized Memory in Email Identifier Derivation
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-6804
HIGH
Mozilla WebThings Gateway 0.3.0-0.11.0 - Reflected Cross-Site Scripting via Crafted URL
Feb 28, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6803
MEDIUM
Mozilla WebThings Gateway < 2020-02-26 - Open Redirect via Login Page
Feb 28, 2020
CVSS 5.4
EPSS 0.01
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters