mozilla
3,621 tracked vulnerabilities.
CVE-2019-9794
CRITICAL
Firefox < 66 and Thunderbird < 60.6 - Argument Injection via URL Handler Command Line Arguments
Apr 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9793
MEDIUM
Firefox < 66.0, Firefox ESR < 60.6, Thunderbird < 60.6 - Memory Corruption via Disabled Spectre Mitigations
Apr 26, 2019
CVSS 5.9
EPSS 0.02
CVE-2019-9792
CRITICAL
Thunderbird <60.6, Firefox ESR <60.6, Firefox <66 - Memory Corruption
Apr 26, 2019
CVSS 9.8
EPSS 0.13
CVE-2019-9791
CRITICAL
Thunderbird <60.6-Firefox <66 - Memory Corruption
Apr 26, 2019
CVSS 9.8
EPSS 0.20
CVE-2019-9790
CRITICAL
Thunderbird <60.6-Firefox <66 - Use After Free
Apr 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-9789
CRITICAL
Mozilla Firefox <66 - Memory Corruption
Apr 26, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-9788
CRITICAL
Mozilla Firefox <66 - Memory Corruption
Apr 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-7317
MEDIUM
libpng 1.6.0-1.6.36 - Use-After-Free in png_image_free
Feb 04, 2019
CVSS 5.3
EPSS 0.09
CVE-2018-18508
MEDIUM
Network Security Services < 3.36.7 and < 3.41.1 - Denial of Service via Malformed Signature
Oct 22, 2020
CVSS 6.5
EPSS 0.02
CVE-2018-12371
HIGH
Firefox < 61 and Firefox ESR < 60.1 - Use-After-Free via Skia Edge Builder Memory Allocation
Jul 09, 2020
CVSS 8.8
EPSS 0.01
CVE-2018-12404
MEDIUM
Network Security Services < 3.41 - RSA Handshake Side Channel Attack
May 02, 2019
CVSS 5.9
EPSS 0.44
CVE-2018-5123
HIGH
Bugzilla < 4.4 - Cross-Site Request Forgery via Image Generation in report.cgi
Apr 29, 2019
CVSS 8.8
EPSS 0.01
CVE-2018-12384
MEDIUM
Network Security Services < 3.39 - Predictable PRNG Seed via SSLv2 ClientHello Handling
Apr 29, 2019
CVSS 5.9
EPSS 0.01
CVE-2018-5124
MEDIUM
Firefox < 58.0.1 - Remote Code Execution via Browser UI HTML Injection
Apr 26, 2019
CVSS 6.1
EPSS 0.01
CVE-2018-18513
HIGH
Thunderbird < 60.5.0 - Denial of Service via Crafted S/MIME Message or XPI Package
Apr 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2018-18512
CRITICAL
Thunderbird < 60.5 - Use-After-Free in Sound Notification
Apr 26, 2019
CVSS 9.8
EPSS 0.02
CVE-2018-18511
MEDIUM
Firefox < 65.0.1 - Unauthorized Cross-Origin Image Data Exposure via Canvas transferFromImageBitmap
Apr 26, 2019
CVSS 4.3
EPSS 0.02
CVE-2018-18510
MEDIUM
Firefox < 64.0 - Denial of Service via about:crashcontent and about:crashparent Pages
Apr 26, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-18509
MEDIUM
Thunderbird < 60.5.1 - Improper Verification of Cryptographic Signature
Apr 26, 2019
CVSS 5.3
EPSS 0.02
CVE-2018-5179
HIGH
Firefox < 60.0 - Service Worker Resource Exhaustion via Self-Activated Event
Apr 26, 2019
CVSS 7.5
EPSS 0.01
CVE-2018-14498
MEDIUM
libjpeg-turbo <1.5.90, MozJPEG <3.3.1 - DoS
Mar 07, 2019
CVSS 6.5
EPSS 0.03
CVE-2018-18499
MEDIUM
Firefox < 62.0 and Firefox ESR < 60.2 - Same-Origin Policy Violation via Meta Refresh and performance.getEntries()
Feb 28, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-18498
CRITICAL
Firefox < 64.0 - Integer Overflow and Out-of-Bounds Write via Image Buffer Calculation
Feb 28, 2019
CVSS 9.8
EPSS 0.04
CVE-2018-18497
MEDIUM
Firefox < 64.0 - Privilege Escalation via WebExtension URI Bypass
Feb 28, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-18496
HIGH
Firefox < 64.0 - Clickjacking via RSS Feed Preview Frame
Feb 28, 2019
CVSS 8.8
EPSS 0.01
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters