mozilla

3,565 tracked vulnerabilities.

CVE-2018-5135 HIGH
Firefox < 59.0 - Missing Authorization for WebExtension Script Injection
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-5134 HIGH
Firefox < 59.0 - Exposure of Sensitive Information via WebExtensions View-Source URL Bypass
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-5133 MEDIUM
Firefox < 59.0 - Stored Cross-Site Scripting via app.support.baseURL Preference
Jun 11, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-5132 MEDIUM
Firefox < 59.0 - Unauthorized Data Exposure via WebExtension Find API
Jun 11, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-5131 MEDIUM
Firefox ESR < 52.7 - Info Disclosure
Jun 11, 2018
CVSS 5.9
EPSS 0.01
CVE-2018-5130 HIGH
Firefox <59 - Buffer Overflow
Jun 11, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-5129 HIGH
Redhat Enterprise Linux Server < 59.0 - Out-of-Bounds Write
Jun 11, 2018
CVSS 8.6
EPSS 0.02
CVE-2018-5128 CRITICAL
Firefox < 59.0 - Use-After-Free during Editor Operations
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-5127 HIGH
Thunderbird < 52.7, Firefox ESR < 52.7, Firefox < 59 - Buffer Overflow
Jun 11, 2018
CVSS 8.8
EPSS 0.20
CVE-2018-5126 CRITICAL
Firefox < 59.0 - Memory Corruption
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-5125 HIGH
Firefox <59 - Memory Corruption
Jun 11, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-5122 CRITICAL
Firefox < 58 - Integer Overflow in WebCrypto DoCrypt Function
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-5121 MEDIUM
Firefox < 58 - Domain Name Spoofing via Tibetan Character Rendering
Jun 11, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-5119 MEDIUM
Firefox < 58 - Exposure of Sensitive Information via Reader View
Jun 11, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-5118 MEDIUM
Firefox < 58 - Sensitive Local File Exposure via Activity Stream Screenshot Feature
Jun 11, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-5117 MEDIUM
Firefox <58 - CSRF
Jun 11, 2018
CVSS 5.3
EPSS 0.03
CVE-2018-5116 CRITICAL
Firefox < 58 - Origin Validation Error via WebExtensions ActiveTab Permission
Jun 11, 2018
CVSS 9.8
EPSS 0.00
CVE-2018-5115 HIGH
Firefox < 58 - Exposure of Sensitive Information via HTTP Authentication Prompt
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-5114 MEDIUM
Firefox < 58 - HttpOnly Cookie Information Exposure via Script Access
Jun 11, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-5113 HIGH
Firefox < 58 - Missing Authorization in WebExtensions WebAuthFlow
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-5112 HIGH
Firefox < 58 - Privileged Page Access via Extension Development Tools Panel
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-5111 MEDIUM
Firefox < 58 - URL Spoofing via Address Bar Drag-and-Drop
Jun 11, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-5110 MEDIUM
Firefox < 58 - Cursor Visibility Manipulation via Scripted Toggle
Jun 11, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-5109 MEDIUM
Firefox < 58 - Origin Validation Error in Audio Capture Request
Jun 11, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-5108 MEDIUM
Firefox < 58 - Exposure of Sensitive Information via Blob URL Origin Attribute Violation
Jun 11, 2018
CVSS 4.3
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV