Vulnerabilities in mozilla

1,863 results
CVE-2026-8401CRITICALSandbox escape in the Profile Backup componentEPSS 0.3%CVE-2026-2792CRITICALMemory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148EPSS 0.3%CVE-2026-4722HIGHPrivilege escalation in the IPC componentEPSS 0.3%CVE-2026-0888MEDIUMInformation disclosure in the XML componentEPSS 0.3%CVE-2024-26281MEDIUMUpon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin siteEPSS 0.3%CVE-2024-8394MEDIUMWhen aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitabEPSS 0.3%CVE-2025-1938MEDIUMMemory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8EPSS 0.3%CVE-2017-7761The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. When this is combinEPSS 0.3%CVE-2023-49061An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information. This vulnerability affects FirefoEPSS 0.3%CVE-2026-6771CRITICALMitigation bypass in the DOM: Security componentEPSS 0.3%CVE-2020-12401During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resultinEPSS 0.3%CVE-2026-2634CRITICALSpoofed web content presented under trusted domains using scripted navigation on Firefox iOSEPSS 0.3%CVE-2026-3847HIGHMemory safety bugs fixed in Firefox 148.0.2EPSS 0.3%CVE-2025-12380CRITICALUse-after-free in WebGPU internals triggered from a compromised child processEPSS 0.3%CVE-2026-6751HIGHUninitialized memory in the Audio/Video: Web Codecs componentEPSS 0.3%CVE-2026-8970HIGHPrivilege escalation in the Security componentEPSS 0.3%CVE-2026-2800CRITICALSpoofing issue in the WebAuthn component in Firefox for AndroidEPSS 0.3%CVE-2025-10537HIGHMemory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143EPSS 0.3%CVE-2026-6752HIGHIncorrect boundary conditions in the WebRTC componentEPSS 0.3%CVE-2026-12298MEDIUMMemory safety bug fixed in Firefox 152EPSS 0.3%