Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MozillaFirefox*

2418 matches found

CVE
CVE•added 2025/07/22 9:15 p.m.•35 views

CVE-2025-8044

Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141 and Thunderbird

9.8CVSS7.5AI score0.00061EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•35 views

CVE-2025-9181

Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird

6.5CVSS6.4AI score0.00038EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•32 views

CVE-2025-9182

'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird

7.5CVSS6.3AI score0.00057EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•32 views

CVE-2025-9184

Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox &...

8.1CVSS7.5AI score0.00064EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•30 views

CVE-2025-9183

Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR

6.5CVSS6.5AI score0.00025EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•22 views

CVE-2025-9187

Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird

9.8CVSS7.5AI score0.00056EPSS
CVE
CVE•added 2025/06/24 1:15 p.m.•21 views

CVE-2025-6428

When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks.This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox

4.3CVSS6.5AI score0.00042EPSS
CVE
CVE•added 2025/06/24 1:15 p.m.•21 views

CVE-2025-6431

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications.This bug only affects Firefox...

6.5CVSS6.7AI score0.0004EPSS
CVE
CVE•added 2025/07/22 9:15 p.m.•11 views

CVE-2025-8043

Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability affects Firefox < 141 and Thunderbird

9.8CVSS6.4AI score0.00076EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•9 views

CVE-2025-55029

Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS

7.5CVSS6.6AI score0.00051EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•8 views

CVE-2025-9186

Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox

6.5CVSS6.6AI score0.00026EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•6 views

CVE-2025-54145

The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS

9.1CVSS6.6AI score0.00039EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•6 views

CVE-2025-55028

Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS

6.5CVSS6.5AI score0.00048EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•5 views

CVE-2025-54143

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS

9.8CVSS6.6AI score0.00099EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•5 views

CVE-2025-55030

Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS

6.1CVSS5.7AI score0.00028EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•5 views

CVE-2025-55031

Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Fir...

9.8CVSS6.5AI score0.00055EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•5 views

CVE-2025-8364

A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack.Note: This issue only affected Android operating systems. Other operating systems are unaffected. This vulnerability affects Firefox

4.3CVSS6.4AI score0.00033EPSS
CVE
CVE•added 2025/08/19 9:15 p.m.•4 views

CVE-2025-54144

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS

5.4CVSS6.6AI score0.00028EPSS
Total number of security vulnerabilities2418