mozilla

3,565 tracked vulnerabilities.

CVE-2019-9788 CRITICAL
Mozilla Firefox <66 - Memory Corruption
Apr 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-7317 MEDIUM
libpng 1.6.0-1.6.36 - Use-After-Free in png_image_free
Feb 04, 2019
CVSS 5.3
EPSS 0.01
CVE-2018-18508 MEDIUM
Network Security Services < 3.36.7 and < 3.41.1 - Denial of Service via Malformed Signature
Oct 22, 2020
CVSS 6.5
EPSS 0.00
CVE-2018-12371 HIGH
Firefox < 61 and Firefox ESR < 60.1 - Use-After-Free via Skia Edge Builder Memory Allocation
Jul 09, 2020
CVSS 8.8
EPSS 0.00
CVE-2018-12404 MEDIUM
Network Security Services < 3.41 - RSA Handshake Side Channel Attack
May 02, 2019
CVSS 5.9
EPSS 0.13
CVE-2018-5123 HIGH
Bugzilla < 4.4 - Cross-Site Request Forgery via Image Generation in report.cgi
Apr 29, 2019
CVSS 8.8
EPSS 0.00
CVE-2018-12384 MEDIUM
Network Security Services < 3.39 - Predictable PRNG Seed via SSLv2 ClientHello Handling
Apr 29, 2019
CVSS 5.9
EPSS 0.01
CVE-2018-5124 MEDIUM
Firefox < 58.0.1 - Remote Code Execution via Browser UI HTML Injection
Apr 26, 2019
CVSS 6.1
EPSS 0.01
CVE-2018-18513 HIGH
Thunderbird < 60.5.0 - Denial of Service via Crafted S/MIME Message or XPI Package
Apr 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2018-18512 CRITICAL
Thunderbird < 60.5 - Use-After-Free in Sound Notification
Apr 26, 2019
CVSS 9.8
EPSS 0.00
CVE-2018-18511 MEDIUM
Firefox < 65.0.1 - Unauthorized Cross-Origin Image Data Exposure via Canvas transferFromImageBitmap
Apr 26, 2019
CVSS 4.3
EPSS 0.01
CVE-2018-18510 MEDIUM
Firefox < 64.0 - Denial of Service via about:crashcontent and about:crashparent Pages
Apr 26, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-18509 MEDIUM
Thunderbird < 60.5.1 - Improper Verification of Cryptographic Signature
Apr 26, 2019
CVSS 5.3
EPSS 0.00
CVE-2018-5179 HIGH
Firefox < 60.0 - Service Worker Resource Exhaustion via Self-Activated Event
Apr 26, 2019
CVSS 7.5
EPSS 0.00
CVE-2018-14498 MEDIUM
libjpeg-turbo <1.5.90, MozJPEG <3.3.1 - DoS
Mar 07, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-18499 MEDIUM
Firefox < 62.0 and Firefox ESR < 60.2 - Same-Origin Policy Violation via Meta Refresh and performance.getEntries()
Feb 28, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-18498 CRITICAL
Firefox < 64.0 - Integer Overflow and Out-of-Bounds Write via Image Buffer Calculation
Feb 28, 2019
CVSS 9.8
EPSS 0.08
CVE-2018-18497 MEDIUM
Firefox < 64.0 - Privilege Escalation via WebExtension URI Bypass
Feb 28, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-18496 HIGH
Firefox < 64.0 - Clickjacking via RSS Feed Preview Frame
Feb 28, 2019
CVSS 8.8
EPSS 0.00
CVE-2018-18495 MEDIUM
Firefox < 64.0 - Incorrect Permission Assignment for Critical Resource via WebExtension Content Scripts
Feb 28, 2019
CVSS 6.5
EPSS 0.00
CVE-2018-18494 MEDIUM
Firefox < 64 - Same-Origin Policy Bypass via performance.getEntries()
Feb 28, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-18493 CRITICAL
Firefox < 64 and Thunderbird < 60.4 - Memory Corruption via Skia Buffer Offset Calculation
Feb 28, 2019
CVSS 9.8
EPSS 0.24
CVE-2018-18492 CRITICAL
Firefox < 64 - Use-After-Free in Selection Element Deletion
Feb 28, 2019
CVSS 9.8
EPSS 0.34
CVE-2018-12407 CRITICAL
Firefox < 64.0 - Buffer Overflow in ANGLE VertexBuffer11 Module
Feb 28, 2019
CVSS 9.8
EPSS 0.03
CVE-2018-12406 HIGH
Mozilla Firefox <64 - Memory Corruption
Feb 28, 2019
CVSS 8.8
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV