mozilla

3,565 tracked vulnerabilities.

CVE-2016-5261 HIGH
Firefox < 47.0.1 - Remote Code Execution via WebSocketChannel Integer Overflow
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-5260 MEDIUM
Firefox < 47.0.1 - Password Exposure via Session Restoration
Aug 05, 2016
CVSS 6.5
EPSS 0.01
CVE-2016-5259 HIGH
Firefox < 48.0 - Remote Code Execution via Service Worker Nested Sync Event Loop
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-5258 HIGH
Oracle Linux < 47.0.1 - Use After Free
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-5255 HIGH
Firefox < 47.0.1 - Use-After-Free in js::PreliminaryObjectArray::sweep
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-5254 CRITICAL
Firefox < 48.0 - Use-After-Free in nsXULPopupManager::KeyDown
Aug 05, 2016
CVSS 9.8
EPSS 0.02
CVE-2016-5253 MEDIUM
Firefox < 47.0.1 - Arbitrary File Write via Updater Callback Application-Path Parameter
Aug 05, 2016
CVSS 4.7
EPSS 0.00
CVE-2016-5252 HIGH
Oracle Linux < 47.0.1 - Memory Corruption
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-5251 MEDIUM
Firefox < 47.0.1 - Location Bar Spoofing via Crafted Media Type in data: URL
Aug 05, 2016
CVSS 4.3
EPSS 0.01
CVE-2016-5250 MEDIUM
Firefox < 47.0.1 - Exposure of Sensitive Information via Resource Timing API
Aug 05, 2016
CVSS 4.3
EPSS 0.01
CVE-2016-2839 MEDIUM
Firefox < 48.0 and Firefox ESR 45.x < 45.3 - Denial of Service via Crafted Video
Aug 05, 2016
CVSS 6.5
EPSS 0.01
CVE-2016-2838 HIGH
Firefox < 48.0 - Remote Code Execution via SVG Directional Content
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-2837 MEDIUM
Firefox < 48.0 - Remote Code Execution via ClearKey CDM Heap Overflow
Aug 05, 2016
CVSS 6.3
EPSS 0.00
CVE-2016-2836 HIGH
Firefox < 48.0 - Remote Code Execution via Browser Engine Memory Corruption
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-2835 HIGH
Firefox < 47.0.1 - Memory Corruption and Remote Code Execution
Aug 05, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-2830 MEDIUM
Firefox < 48.0 and Firefox ESR 45.x < 45.3 - User Tracking via Favicon Connection Reuse
Aug 05, 2016
CVSS 4.3
EPSS 0.01
CVE-2016-2834 HIGH
Canonical Ubuntu Linux < 3.22 - Denial of Service
Jun 13, 2016
CVSS 8.8
EPSS 0.00
CVE-2016-2833 MEDIUM
Opensuse Leap < 46.0.1 - Security Feature Bypass
Jun 13, 2016
CVSS 6.1
EPSS 0.00
CVE-2016-2832 MEDIUM
Canonical Ubuntu Linux < 46.0.1 - Information Disclosure
Jun 13, 2016
CVSS 4.3
EPSS 0.01
CVE-2016-2831 HIGH
Canonical Ubuntu Linux < 46.0.1 - Security Feature Bypass
Jun 13, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-2829 MEDIUM
Opensuse Leap < 46.0.1 - Improper Access Control
Jun 13, 2016
CVSS 6.5
EPSS 0.00
CVE-2016-2828 HIGH
Canonical Ubuntu Linux < 46.0.1 - Use After Free
Jun 13, 2016
CVSS 8.8
EPSS 0.02
CVE-2016-2826 HIGH
Firefox < 47.0 and Firefox ESR 45.x < 45.2 - Privilege Escalation via MAR File Tampering
Jun 13, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-2825 MEDIUM
Canonical Ubuntu Linux < 46.0.1 - Improper Access Control
Jun 13, 2016
CVSS 6.5
EPSS 0.01
CVE-2016-2824 HIGH
Firefox < 47.0 and Firefox ESR < 45.2 - Out-of-Bounds Write via WebGL Shader Array Access
Jun 13, 2016
CVSS 8.8
EPSS 0.01
Products
firefox 3,130 thunderbird 1,729 seamonkey 704 firefox_esr 488 Firefox 387 Thunderbird 359 thunderbird_esr 228 bugzilla 145 mozilla 108 network_security_services 50 Firefox ESR 44 mozilla_suite 27 firefox_focus 20 firefox_mobile 20 Firefox for iOS 19 focus 15 firefox_os 14 nss 6 Focus for iOS 5 bleach 5 bonsai 4 camino 4 vpn 4 convict 3 netscape_portable_runtime 3 geckodriver 2 mozjpeg 2 nunjucks 2 pollbot 2 webthings_gateway 2
Quick Filters
Critical CVEs With Exploits In CISA KEV