1887 matches found
CVE-2023-4048
CVE-2023-4048 involves an out-of-bounds read in DOMParser when parsing HTML in low-memory conditions, affecting Firefox < 116, Firefox ESR < 102.14, and Firefox ESR
CVE-2022-22755
CVE-2022-22755 describes a vulnerability in Firefox
CVE-2022-28287
Summary: CVE-2022-28287 affects Mozilla Firefox earlier than 99. In unusual circumstances, selecting text could cause text selection caching to misbehave and crash the browser. The associated data from connected sources confirms Firefox as the affected product and Firefox 99 or later as the fix/v...
CVE-2022-42931
CVE-2022-42931 : Firefox stored a username file on disk in unencrypted form instead of using the Password Manager’s encrypted storage. The issue is caused by the Form Manager writing the username (not the password) to disk, exposing sensitive account identifiers. Affects Firefox versions earlier ...
CVE-2022-42930
Mozilla Firefox prior to version 106 is affected by a data race in the ThirdPartyUtil component when two Workers initialize CacheStorage concurrently. The vulnerability could lead to memory corruption or a potentially exploitable crash. The fix is included in Firefox 106 (per MFSA2022-44). Mitiga...
CVE-2020-12387
CVE-2020-12387 is a use-after-free vulnerability caused by a race condition during Web Worker shutdown in Mozilla Firefox/Thunderbird. Affected products include Firefox ESR < 68.8, Firefox < 76, and Thunderbird
CVE-2024-2608
CVE-2024-2608 affects Mozilla Firefox (including ESR) and Thunderbird. The issue arises from integer overflow in encoding routines (AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding(), and AppendEncodedCharacters()) that can underallocate an output buffer, leading to an out-of-bounds...
CVE-2019-11756
CVE-2019-11756 is a Mozilla Firefox/NSS use-after-free vulnerability related to SFTKSession object handling. The connected AWS ALAS-2021-1522 aggregates NSS-related issues (including this CVE) and indicates affected Firefox/NSS components with suggested updates; it lists NSS-related packages (nsp...
CVE-2020-26974
CVE-2020-26974 is a Firefox/Thunderbird vulnerability where using flex-basis on a table wrapper could cause a StyleGenericFlexBasis object to be cast to the wrong type, leading to a heap use-after-free and memory corruption, potentially crashing the browser. Affected: Firefox <84, Thunderbird ...
CVE-2020-6800
CVE-2020-6800 involves memory safety bugs identified in Firefox 72 and Firefox ESR 68.4, with potential to corrupt memory and enable arbitrary code execution in browser-like contexts. Affected products include Thunderbird and Firefox versions older than 68.5/73 respectively (Thunderbird < 68.5...
CVE-2023-28176
CVE-2023-28176 corresponds to memory safety bugs in Firefox 110 and Firefox ESR 102.8, with potential to cause memory corruption and possible arbitrary code execution. Affected products include Firefox <111, Firefox ESR <102.9, and Thunderbird
CVE-2018-18506
CVE-2018-18506 is a PAC-related issue where a PAC file can cause localhost requests to be proxied. Connected documents confirm Thunderbird is affected and publicly patched: Thunderbird 60.6.1 fixes were released across AL2 (ALAS2-2019-1195), CentOS/RHEL advisories (RHSA-2019:0680/0681), and Debia...
CVE-2021-23968
CVE-2021-23968 describes a disclosure risk where, if a Content Security Policy blocked frame navigation, the violation report could reveal the destination of a redirect instead of the original frame URI. This could leak sensitive information contained in those URIs. Affected products include Fire...
CVE-2018-5146
CVE-2018-5146 describes an out-of-bounds memory write in Vorbis audio data processing. Affected are Mozilla Firefox (<59.0.1), Firefox ESR (<52.7.2), and Thunderbird (
CVE-2024-29944
The CVE-2024-29944 issue affects Mozilla Firefox on desktop (not mobile), allowing an attacker to inject an event handler into a privileged object to achieve arbitrary JavaScript execution in the parent process. Affects Firefox versions older than 124.0.1 and Firefox ESR older than 115.9.1; multi...
CVE-2025-1013
CVE-2025-1013 describes a race condition that could cause private browsing tabs to open in normal browsing windows, potentially leaking private data. The initial CVE entry asserts impact on Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird
CVE-2023-32205
CVE-2023-32205 affects Firefox (versions < 113), Firefox ESR (< 102.11), and Thunderbird (
CVE-2019-9791
CVE-2019-9791 affects Thunderbird and Firefox (including Firefox ESR) and stems from the IonMonkey JIT: type confusion for constructors entered via on-stack replacement. The advisory notes that the vulnerability can enable arbitrary reading/writing of objects during an exploitable crash, with fix...
CVE-2023-4047
CVE-2023-4047 is a vulnerability in Firefox popup notifications delay calculation that could allow an attacker to trick a user into granting permissions. The issue affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR
CVE-2020-6811
CVE-2020-6811 concerns Mozilla Firefox/Thunderbird where Devtools Network tab’s Copy as cURL did not properly escape the HTTP method. The underlying issue could allow command injection if the generated curl command is pasted into a terminal. Public advisories indicate affected products include Th...
CVE-2019-11740
CVE-2019-11740 corresponds to memory-safety bugs in Firefox 68/ESR 68 and Firefox 60.8, with potential for arbitrary code execution. According to the consolidated sources, affected products include Firefox < 69, Thunderbird < 68.1/60.9, and Firefox ESR
CVE-2024-2610
CVE-2024-2610 involves a markup-injection issue that could leak CSP nonces, enabling CSP policy leakage. Affected: Firefox <124, Firefox ESR <115.9, Thunderbird
CVE-2023-3600
CVE-2023-3600 affects Firefox (all channels) < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird
CVE-2023-4046
CVE-2023-4046 corresponds to a bug where an incorrect value used during WASM JIT compilation could cause a stale global variable to influence compilation, yielding an exploitable crash in the content process. The vulnerability affects Firefox plus ESR branches: Firefox < 116, ESR < 102.14, ...
CVE-2021-38493
CVE-2021-38493 covers memory-safety bugs in Mozilla Firefox 91/ESR 78.13 (and Thunderbird <78.14) that could lead to memory corruption and potentially arbitrary code execution. Affected: Firefox ESR <78.14, Thunderbird <78.14, and Firefox
CVE-2023-4057
CVE-2023-4057 affects Firefox (115 and ESR 115.x) and Thunderbird 115.x. The connected sources confirm memory-safety bugs in Firefox/Thunderbird that could allow memory corruption and, with sufficient effort, arbitrary code execution. The documented impact states affected versions are Firefox <...
CVE-2019-11744
CVE-2019-11744 concerns an XSS in HTML elements such as and where literal angle brackets can be left unescaped, allowing a crafted closing tag to be injected via innerHTML and make subsequent content appear outside the tag. Affected products include Firefox (versions before 69), Thunderbird (be...
CVE-2019-9792
The CVE-2019-9792 issue is an IonMonkey JIT leak in Firefox/Thunderbird where the JS_OPTIMIZED_OUT magic value is leaked during bailout, enabling memory corruption and potentially a crash. Affected: Thunderbird < 60.6, Firefox ESR < 60.6, Firefox
CVE-2025-0242
The connected documents confirm CVE-2025-0242 involves memory safety bugs in Firefox and Thunderbird (including ESR branches) with evidence of memory corruption and potential arbitrary code execution given sufficient effort. Affected products and versions stated: Firefox < 134, Firefox ESR <...
CVE-2023-4045
CVE-2023-4045 involves Offscreen Canvas cross-origin taint tracking in Firefox and ESR branches. Affects Firefox < 116 and ESR
CVE-2024-2607
CVE-2024-2607 is a concrete issue affecting Mozilla Firefox/Thunderbird components on Armv7-A: return registers may be overwritten during JIT/return handling , potentially enabling arbitrary code execution. The CVE is referenced in multiple advisories (Debian, AlmaLinux, CentOS) with explicit fix...
CVE-2024-9400
A memory corruption vulnerability (CVE-2024-9400) can be triggered by triggering an OOM at a specific moment during JIT compilation, affecting Firefox versions before 131, Firefox ESR before 128.3, Thunderbird before 128.3, and Thunderbird before 131. The issue has been acknowledged in multiple a...
CVE-2023-23598
CVE-2023-23598 describes an Arbitrary file read via GTK drag-and-drop in Firefox/Thunderbird where the GTK wrapper uses text/plain for drag data; GTK treats text/plain MIMEs with file URLs as dragged, enabling DataTransfer.setData to read local files. Affected versions: Firefox < 109, Firefox ...
CVE-2024-11694
The CVE-2024-11694 issue is a CSP frame-src bypass and DOM-based XSS stemming from Enhanced Tracking Protection in Mozilla products via the Web Compatibility extension’s Google SafeFrame shim. Affected: Firefox versions <133, Firefox ESR <128.5, Firefox ESR <115.18, Thunderbird <133, ...
CVE-2024-4767
CVE-2024-4767 is a fault in Firefox/Thunderbird where IndexedDB files were not properly deleted when a window closed if browser.privatebrowsing.autostart is enabled. Affected products include Firefox versions older than 126, Firefox ESR older than 115.11, and Thunderbird older than 115.11. The is...
CVE-2021-29991
CVE-2021-29991 affects Mozilla Firefox and Mozilla Thunderbird. The issue arises when Firefox incorrectly accepts a newline in an HTTP/3 header, treating it as two separate headers, enabling a header-splitting scenario for servers using HTTP/3. Affected versions are Firefox < 91.0.1 and Thunde...
CVE-2023-4055
CVE-2023-4055 concerns cookies per domain in the browser’s cookie jar. When domain cookie count exceeded, the actual sent cookie jar could diverge from the expected state, causing some cookies to be missing from requests. This affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR
CVE-2024-11699
CVE-2024-11699 describes memory-safety bugs in Mozilla Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4 that could allow arbitrary code execution; vulnerable when running Firefox <133, Firefox ESR <128.5, Thunderbird <133, or Thunderbird
CVE-2020-6798
CVE-2020-6798 involves incorrect parsing when a template tag is used inside a select tag, enabling JavaScript injection under browser-like contexts. The vulnerability affects Thunderbird versions prior to 68.5 (and Firefox before 73 / ESR 68.5); exploitation is discussed in the context of cross-s...
CVE-2024-4770
CVE-2024-4770 is a memory-safety use-after-free issue in PDF rendering when saving a page to PDF, reported for Firefox <126, Firefox ESR <115.11, and Thunderbird
CVE-2025-1010
A CVE entry (CVE-2025-1010) describes a use-after-free via the Custom Highlight API that could lead to a crash. Affected products/versions include: Firefox fixed in 135, Firefox ESR fixed in 115.20 and 128.7, Thunderbird fixed in 128.7 and 135, and Thunderbird ESR variants similarly updated. The ...
CVE-2021-29980
CVE-2021-29980 is a memory safety issue caused by uninitialized memory in a canvas object, potentially enabling memory corruption and a crash. Documents show affected products include Thunderbird and Firefox variants: Thunderbird 78.x/91.x and Firefox ESR 78.x as well as Firefox
CVE-2021-23969
The CVE-2021-23969 entry concerns a Content Security Policy (CSP) violation report handling issue in Firefox and related Mozilla products. Affected components: Firefox (and Thunderbird) CSP violation reporting when redirects occur. Root cause: during certain redirects, the reporter could set the ...
CVE-2023-4056
Memory safety bugs in Firefox 115/Thunderbird 115 and older (Firefox <116, ESR <102.14/115.1; Thunderbird
CVE-2024-11704
CVE-2024-11704 is a double-free in sec_pkcs7_decoder_start_decrypt() triggered on an error path, potentially leading to memory corruption. Affected products include Firefox < 133, Thunderbird < 133, Firefox ESR < 128.7, and Thunderbird
CVE-2024-5688
CVE-2024-5688 is a use-after-free in object transplant triggered by garbage collection timing, affecting Firefox versions before 127 and Firefox ESR before 115.12, and Thunderbird before 115.12. Root cause: memory safety issue during object transplant that can lead to heap corruption if GC runs a...
CVE-2019-11713
CVE-2019-11713 is a use-after-free in HTTP/2 when a cached stream is closed while still in use, leading to a potentially exploitable crash. Affected products include Firefox ESR < 60.8, Firefox < 68, and Thunderbird
CVE-2019-11752
CVE-2019-11752 is a use-after-free in IndexedDB: deleting a key value during conversion may allow a crash and potential exploitation. Affected products include Firefox versions before 69 and Thunderbird versions before 68.1/60.9 (and corresponding ESR lines). Several connected advisories note fix...
CVE-2020-12401
CVE-2020-12401: In ECDSA signature generation, padding used to ensure constant-time scalar multiplication was removed, causing variable-time execution based on secret data. Affected: Firefox < 80 and Firefox for Android
CVE-2022-1887
CVE-2022-1887: A SQL injection vulnerability in Firefox for iOS, triggered when the search term is supplied externally, affects Firefox for iOS versions prior to 101. The NVD and Red Hat entries confirm the issue and describe the impact as high confidentiality, integrity, and availability risk (C...