mozilla
3,621 tracked vulnerabilities.
CVE-2017-5389
MEDIUM
Firefox < 51.0 - Open Redirect via WebExtensions mozAddonManager API
Jun 11, 2018
CVSS 6.1
EPSS 0.01
CVE-2017-5388
HIGH
Firefox < 51.0 - Denial of Service via STUN Packet Rate Limiting Bypass
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-5387
LOW
Firefox < 51.0 - Local File Existence Disclosure via Track Tag Error Handling
Jun 11, 2018
CVSS 3.3
EPSS 0.00
CVE-2017-5386
HIGH
Firefox ESR < 45.7 - Firefox < 51 - Info Disclosure
Jun 11, 2018
CVSS 7.3
EPSS 0.02
CVE-2017-5385
HIGH
Firefox < 51.0 - Information Disclosure via Multipart Channel Referrer-Policy Bypass
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-5384
MEDIUM
Firefox < 51.0 - HTTPS URL Exposure via Proxy Auto-Config
Jun 11, 2018
CVSS 5.9
EPSS 0.02
CVE-2017-5383
MEDIUM
Firefox <51 - Info Disclosure
Jun 11, 2018
CVSS 5.3
EPSS 0.02
CVE-2017-5382
HIGH
Firefox < 51.0 - Exposure of Sensitive Information via RSS Feed Preview
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-5381
HIGH
Firefox < 51.0 - Path Traversal via Certificate Viewer Export Function
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-5380
CRITICAL
Thunderbird <45.7-Firefox <51. - Use After Free
Jun 11, 2018
CVSS 9.8
EPSS 0.03
CVE-2017-5379
HIGH
Firefox < 51.0 - Use-After-Free in Web Animations
Jun 11, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-5378
HIGH
Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Info Disclosure
Jun 11, 2018
CVSS 7.5
EPSS 0.03
CVE-2017-5377
CRITICAL
Firefox < 51.0 - Memory Corruption in Skia Gradient Transforms
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-5376
CRITICAL
Thunderbird <45.7-Firefox <51 - Use After Free
Jun 11, 2018
CVSS 9.8
EPSS 0.03
CVE-2017-5375
CRITICAL
Thunderbird <45.7, Firefox ESR <45.7, Firefox <51 - Memory Corruption
Jun 11, 2018
CVSS 9.8
EPSS 0.33
CVE-2017-5374
CRITICAL
Firefox < 51.0 - Memory Corruption and Remote Code Execution
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-5373
CRITICAL
Firefox < 51 and Firefox ESR < 45.7 - Memory Corruption
Jun 11, 2018
CVSS 9.8
EPSS 0.03
CVE-2017-17689
MEDIUM
9folders nine - Plaintext Exfiltration via S/MIME CBC Malleability-Gadget Attack
May 16, 2018
CVSS 5.9
EPSS 0.04
CVE-2017-17688
MEDIUM
Apple Mail - Plaintext Exfiltration via OpenPGP CFB Malleability-Gadget Attack
May 16, 2018
CVSS 5.9
EPSS 0.06
CVE-2017-11698
HIGH
Mozilla Network Security Services - Heap-Based Buffer Overflow in __get_page Function
Dec 27, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-11697
HIGH
Mozilla Network Security Services - Denial of Service via Crafted cert8.db File
Dec 27, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-11696
HIGH
Mozilla Network Security Services - Heap-based Buffer Overflow in __hash_open Function
Dec 27, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-11695
HIGH
Mozilla Network Security Services - Heap-based Buffer Overflow in alloc_segs Function
Dec 27, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-7502
HIGH
Network Security Services >= 3.24.0 - Denial of Service via Empty SSLv2 Message
May 30, 2017
CVSS 7.5
EPSS 0.04
CVE-2017-5461
CRITICAL
Mozilla Network Security Services < 3.21.4 - Out-of-bounds Write via Base64 Operations
May 11, 2017
CVSS 9.8
EPSS 0.05
Products
firefox 3,181
thunderbird 1,773
seamonkey 704
firefox_esr 488
Firefox 434
Thunderbird 403
thunderbird_esr 228
bugzilla 145
mozilla 108
network_security_services 50
Firefox ESR 44
mozilla_suite 27
Firefox for iOS 25
firefox_mobile 23
firefox_focus 20
focus 16
firefox_os 14
Focus for iOS 6
nss 6
bleach 5
bonsai 4
camino 4
vpn 4
convict 3
netscape_portable_runtime 3
geckodriver 2
mozjpeg 2
nunjucks 2
pollbot 2
webthings_gateway 2
Quick Filters