mozilla

3,565 tracked vulnerabilities.

CVE-2017-5383 MEDIUM
Firefox <51 - Info Disclosure
Jun 11, 2018
CVSS 5.3
EPSS 0.02
CVE-2017-5382 HIGH
Firefox < 51.0 - Exposure of Sensitive Information via RSS Feed Preview
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-5381 HIGH
Firefox < 51.0 - Path Traversal via Certificate Viewer Export Function
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-5380 CRITICAL
Thunderbird <45.7-Firefox <51. - Use After Free
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-5379 HIGH
Firefox < 51.0 - Use-After-Free in Web Animations
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-5378 HIGH
Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Info Disclosure
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-5377 CRITICAL
Firefox < 51.0 - Memory Corruption in Skia Gradient Transforms
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-5376 CRITICAL
Thunderbird <45.7-Firefox <51 - Use After Free
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-5375 CRITICAL
Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Memory Corruption
Jun 11, 2018
CVSS 9.8
EPSS 0.58
CVE-2017-5374 CRITICAL
Firefox < 51.0 - Memory Corruption and Remote Code Execution
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-5373 CRITICAL
Firefox < 51 and Firefox ESR < 45.7 - Memory Corruption
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-17689 MEDIUM
9folders nine - Plaintext Exfiltration via S/MIME CBC Malleability-Gadget Attack
May 16, 2018
CVSS 5.9
EPSS 0.00
CVE-2017-17688 MEDIUM
Apple Mail - Plaintext Exfiltration via OpenPGP CFB Malleability-Gadget Attack
May 16, 2018
CVSS 5.9
EPSS 0.03
CVE-2017-11698 HIGH
Mozilla Network Security Services - Heap-Based Buffer Overflow in __get_page Function
Dec 27, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-11697 HIGH
Mozilla Network Security Services - Denial of Service via Crafted cert8.db File
Dec 27, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-11696 HIGH
Mozilla Network Security Services - Heap-based Buffer Overflow in __hash_open Function
Dec 27, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-11695 HIGH
Mozilla Network Security Services - Heap-based Buffer Overflow in alloc_segs Function
Dec 27, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-7502 HIGH
Network Security Services >= 3.24.0 - Denial of Service via Empty SSLv2 Message
May 30, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-5461 CRITICAL
Mozilla Network Security Services < 3.21.4 - Out-of-bounds Write via Base64 Operations
May 11, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-5031 HIGH
Google Chrome <57.0.2987.98 - Use After Free
Apr 24, 2017
CVSS 8.8
EPSS 0.01
CVE-2016-5285 HIGH
Mozilla NSS < 3.26 - Denial of Service via PK11_SignWithSymKey Null Pointer Dereference
Nov 15, 2019
CVSS 7.5
EPSS 0.02
CVE-2016-9069 HIGH
Firefox < 50.0 - Use-After-Free in nsINode::ReplaceOrInsertBefore
Oct 18, 2018
CVSS 7.8
EPSS 0.00
CVE-2016-8635 MEDIUM
Mozilla Network Security Services 3.21-3.21.4 - Private Key Recovery via Small Subgroup Confinement Attack
Aug 01, 2018
CVSS 5.3
EPSS 0.00
CVE-2016-9574 MEDIUM
Network Security Services < 3.30 - Denial of Service via SessionTicket Extension
Jul 19, 2018
CVSS 5.9
EPSS 0.00
CVE-2016-9905 HIGH
Redhat Enterprise Linux Desktop < 45.6.0 - Improper Access Control
Jun 11, 2018
CVSS 8.8
EPSS 0.01
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV