Vulnerabilidades em mozilla
1.863 resultadosCVE-2026-8955HIGHPrivilege escalation in the DOM: Workers componentEPSS 0.4%CVE-2025-11709CRITICALOut of bounds read/write in a privileged process triggered by WebGL texturesEPSS 0.4%CVE-2026-4712HIGHInformation disclosure in the Widget: Cocoa componentEPSS 0.4%CVE-2024-2608HIGH`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows,EPSS 0.4%CVE-2025-11710CRITICALCross-process information leaked due to malicious IPC messagesEPSS 0.4%CVE-2023-25749MEDIUMAndroid applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. FEPSS 0.4%CVE-2026-2767HIGHUse-after-free in the JavaScript: WebAssembly componentEPSS 0.4%CVE-2026-8092HIGHMemory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2EPSS 0.4%CVE-2025-1018HIGHFullscreen notification is not displayed when fullscreen is re-requestedEPSS 0.4%CVE-2024-1554CRITICALThe `fetch()` API and navigation incorrectly shared the same cache, as the cache key did not include the optional headers `fetch()` may contEPSS 0.4%CVE-2024-5698MEDIUMBy manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This coulEPSS 0.4%CVE-2026-12291HIGHUse-after-free in the Networking: HTTP componentEPSS 0.4%CVE-2017-7766—An attack using manipulation of "updater.ini" contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla MaEPSS 0.4%CVE-2023-4579—Persisted search terms were formatted as URLsEPSS 0.4%CVE-2024-31392HIGHIf an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status ThiEPSS 0.4%CVE-2022-1834MEDIUMWhen displaying the sender of an email, and the sender name contained the Braille Pattern Blank space character multiple times, Thunderbird EPSS 0.4%CVE-2023-6870—Applications which spawn a Toast notification in a background thread may have obscured fullscreen notifications displayed by Firefox.
*ThisEPSS 0.4%CVE-2025-4083CRITICALProcess isolation bypass using "javascript:" URI links in cross-origin framesEPSS 0.4%CVE-2024-6608MEDIUMCursor could be moved out of the viewport using pointerlock.EPSS 0.4%CVE-2025-5269HIGHMemory safety bug fixed in Firefox ESR 128.11 and Thunderbird 128.11EPSS 0.4%