Vulnerabilities in mozilla

1,863 results
CVE-2026-12313MEDIUMInformation disclosure, sandbox escape in the Security: Process Sandboxing componentEPSS 0.2%CVE-2025-13013MEDIUMMitigation bypass in the DOM: Core & HTML componentEPSS 0.2%CVE-2025-23109MEDIUMAddress bar spoofing on iOS using long hostnamesEPSS 0.2%CVE-2025-6426HIGHNo warning when opening executable terminal files on macOSEPSS 0.2%CVE-2025-3859MEDIUMFirefox Focus elide URL allows address bar spoofingEPSS 0.2%CVE-2024-3860MEDIUMAn out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it woEPSS 0.2%CVE-2025-1939LOWTapjacking in Android Custom Tabs using transition animationsEPSS 0.2%CVE-2025-14744MEDIUMFilename spoofing via Unicode Right-to-Left Override in Firefox for iOSEPSS 0.2%CVE-2026-6654MEDIUMUse-After-Free and Double-Free in IntoIter::drop when element drop panicsEPSS 0.2%CVE-2026-12323MEDIUMSpoofing issue in the DOM: Core & HTML componentEPSS 0.2%CVE-2026-12322MEDIUMClickjacking issue in the Widget: Gtk componentEPSS 0.2%CVE-2026-12330MEDIUMIncorrect boundary conditions in the Internationalization componentEPSS 0.2%CVE-2026-6777MEDIUMOther issue in the Networking: DNS componentEPSS 0.2%CVE-2026-12321MEDIUMJIT miscompilation in the JavaScript: WebAssembly componentEPSS 0.2%CVE-2026-0818MEDIUMCSS-based exfiltration of the content from partially encrypted emails when allowing remote contentEPSS 0.2%CVE-2025-3033HIGHOpening local .url files could lead to another file being openedEPSS 0.2%CVE-2026-9309MEDIUMArbitrary JavaScript execution in internal pages via Reader View JSON-LD injectionEPSS 0.2%CVE-2026-9308MEDIUMArbitrary JavaScript execution in Reader View due to wrong HTML replacement orderEPSS 0.2%CVE-2026-6762MEDIUMSpoofing issue in the DOM: Core & HTML componentEPSS 0.2%CVE-2025-4089MEDIUMPotential local code execution in "copy as cURL" commandEPSS 0.2%