Vulnerabilities in mozilla
1,863 resultsCVE-2025-1013MEDIUMPotential opening of private browsing tabs in normal browsing windowsEPSS 0.3%CVE-2025-11715HIGHMemory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144EPSS 0.3%CVE-2026-4718HIGHUndefined behavior in the WebRTC: Signaling componentEPSS 0.3%CVE-2026-8391MEDIUMOther issue in the JavaScript Engine componentEPSS 0.3%CVE-2025-13027HIGHMemory safety bugs fixed in Firefox 145 and Thunderbird 145EPSS 0.3%CVE-2025-2830MEDIUMInformation Disclosure of /tmp directory listingEPSS 0.3%CVE-2026-6780HIGHDenial-of-service in the Audio/Video: Playback componentEPSS 0.3%CVE-2025-1933HIGHJIT corruption of WASM i32 return values on 64-bit CPUsEPSS 0.3%CVE-2026-6781HIGHDenial-of-service in the Audio/Video: Playback componentEPSS 0.3%CVE-2024-10460MEDIUMThe origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects EPSS 0.3%CVE-2024-53976MEDIUMUnder certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what tEPSS 0.3%CVE-2026-10702MEDIUMJIT miscompilation in the JavaScript Engine: JIT componentEPSS 0.3%CVE-2026-6757MEDIUMInvalid pointer in the JavaScript: WebAssembly componentEPSS 0.3%CVE-2022-3266MEDIUMAn out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects FirefoEPSS 0.3%CVE-2025-10535HIGHInformation disclosure, mitigation bypass in the Privacy component in Firefox for AndroidEPSS 0.3%CVE-2025-14325HIGHJIT miscompilation in the JavaScript Engine: JIT componentEPSS 0.3%CVE-2024-38312MEDIUMWhen browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed EPSS 0.3%CVE-2025-10532MEDIUMIncorrect boundary conditions in the JavaScript: GC componentEPSS 0.3%CVE-2025-3608MEDIUMRace condition in nsHttpTransaction could lead to memory corruptionEPSS 0.3%CVE-2026-8969HIGHMitigation bypass in the DOM: Security componentEPSS 0.3%