mozilla

3,565 tracked vulnerabilities.

CVE-2016-9066 HIGH
Thunderbird <45.5-Firefox <50 - Buffer Overflow
Jun 11, 2018
CVSS 7.5
EPSS 0.21
CVE-2016-9065 HIGH
Firefox < 50.0 for Android - Location Bar Spoofing via Fullscreen Mode
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2016-9064 MEDIUM
Firefox ESR < 45.5 & Firefox < 50 - Man-in-the-middle attack
Jun 11, 2018
CVSS 5.9
EPSS 0.00
CVE-2016-9063 CRITICAL
Firefox < 50 - Integer Overflow in Expat XML Parser
Jun 11, 2018
CVSS 9.8
EPSS 0.03
CVE-2016-9062 LOW
Firefox < 50.0 - Exposure of Sensitive Information via Private Browsing Metadata
Jun 11, 2018
CVSS 3.3
EPSS 0.00
CVE-2016-9061 HIGH
Firefox < 50.0 - Unauthorized API Key Access via Signature-Level Permission
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2016-5299 HIGH
Firefox < 50.0 - AuthToken Interception via Malicious Android Application
Jun 11, 2018
CVSS 7.5
EPSS 0.01
CVE-2016-5298 MEDIUM
Firefox < 50.0 - Favicon and SSL Indicator Spoofing via Page Load Disruption
Jun 11, 2018
CVSS 6.5
EPSS 0.01
CVE-2016-5297 CRITICAL
Firefox < 50 and Firefox ESR < 45.5 - Integer Overflow in JavaScript Argument Length Checking
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2016-5296 HIGH
Firefox < 45.5.0 - Heap Buffer Overflow via SVG Content Processing
Jun 11, 2018
CVSS 7.5
EPSS 0.03
CVE-2016-5295 HIGH
Firefox < 50.0 - Privilege Escalation via Mozilla Maintenance Service
Jun 11, 2018
CVSS 7.8
EPSS 0.00
CVE-2016-5294 MEDIUM
Firefox < 45.5.0 and Thunderbird < 45.5.0 - Arbitrary File Write via Updater Working Directory
Jun 11, 2018
CVSS 5.5
EPSS 0.00
CVE-2016-5293 MEDIUM
Firefox < 50 - Arbitrary Local File Write via Updater Log File Hardlink
Jun 11, 2018
CVSS 5.5
EPSS 0.00
CVE-2016-5292 MEDIUM
Firefox < 50.0 - Denial of Service via Malicious URL Parsing
Jun 11, 2018
CVSS 6.5
EPSS 0.01
CVE-2016-5291 MEDIUM
Firefox < 50 and Firefox ESR < 45.5 - Same-Origin Policy Bypass via Local Shortcut Files
Jun 11, 2018
CVSS 5.5
EPSS 0.00
CVE-2016-5290 CRITICAL
Firefox < 50 and Firefox ESR < 45.5 - Memory Corruption
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2016-5289 CRITICAL
Firefox < 50.0 - Memory Corruption and Remote Code Execution
Jun 11, 2018
CVSS 9.8
EPSS 0.02
CVE-2016-5288 MEDIUM
Firefox < 49.0.2 - Exposure of Sensitive Information via HTTP Cache
Jun 11, 2018
CVSS 5.9
EPSS 0.01
CVE-2016-5287 CRITICAL
Firefox < 49.0.2 - Use-After-Free during Actor Destruction with Service Workers
Jun 11, 2018
CVSS 9.8
EPSS 0.01
CVE-2016-10547 MEDIUM
Nunjucks < 2.4.2 - Cross-Site Scripting via Array Key Bypass
May 31, 2018
CVSS 6.1
EPSS 0.00
CVE-2016-2803 MEDIUM
Bugzilla 2.16rc1-4.4.11 and 4.5.1-5.0.2 - Cross-Site Scripting in Dependency Graphs
Apr 12, 2017
CVSS 6.1
EPSS 0.00
CVE-2016-10196 HIGH
Debian Linux < 2.1.5 - Out-of-Bounds Write
Mar 15, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-5284 HIGH
Firefox < 49.0 and Firefox ESR 45.x < 45.4 - Man-in-the-Middle Spoofing via Preloaded Public Key Pinning Bypass
Sep 22, 2016
CVSS 7.4
EPSS 0.01
CVE-2016-5283 HIGH
Firefox < 48.0.2 - Same Origin Policy Bypass via IFRAME SRC Fragment Identifier
Sep 22, 2016
CVSS 8.8
EPSS 0.00
CVE-2016-5282 MEDIUM
Firefox < 48.0.2 - Information Exposure via Favicon Request Scheme
Sep 22, 2016
CVSS 6.5
EPSS 0.00
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV