Lucene search
+L

1214 matches found

CVE
CVE
added 2026/05/19 12:30 p.m.21 views

CVE-2026-8965

CVE-2026-8965 is an information-disclosure vulnerability in the DOM: Security component, affecting Mozilla Firefox and Mozilla Thunderbird up to version 151. The issue is fixed in Firefox 151 and Thunderbird 151. Affected products include Mozilla Firefox earlier than 151.0 and Mozilla Thunderbird...

7.5CVSS5.8AI score0.00324EPSS
CVE
CVE
added 2026/05/19 12:30 p.m.21 views

CVE-2026-8966

CVE-2026-8966 affects Mozilla Thunderbird (earlier than 151.0) and concerns information disclosure in the IP Protection component. Multiple connected sources corroborate the impact as information disclosure, with the vulnerability fixed in Thunderbird 151 (and Firefox 151 per the initial entry). ...

7.5CVSS5.8AI score0.00332EPSS
CVE
CVE
added 2026/05/19 12:30 p.m.21 views

CVE-2026-8967

CVE-2026-8967 affects Mozilla graphics stack via the Graphics: WebGPU component, leading to information disclosure. Public documentation in connected sources indicates the vulnerability was fixed in Firefox 151 and Thunderbird 151, with affected products listed as Mozilla Thunderbird and Mozilla ...

7.5CVSS5.8AI score0.00332EPSS
CVE
CVE
added 2026/06/16 11:52 a.m.20 views

CVE-2026-12300

CVE-2026-12300 describes a memory-safety issue that was fixed in Firefox 152 and Thunderbird 152. The available sources confirm the affected products are Mozilla Firefox/Thunderbird, with the underlying problem labeled as a memory safety bug. The CVSS metrics in the initial document indicate a ba...

5.3CVSS5.2AI score0.00252EPSS
CVE
CVE
added 2026/06/16 11:52 a.m.20 views

CVE-2026-12319

CVE-2026-12319 is a reported DoS in the Audio/Video: Playback component. Multiple connected sources confirm the issue affects Firefox and Thunderbird and that it was fixed in Firefox 152 and Thunderbird 152. The CVSS 3.1 vector indicates network attack vector, low attack complexity, no privileges...

6.5CVSS5.2AI score0.0021EPSS
CVE
CVE
added 2026/02/24 1:33 p.m.20 views

CVE-2026-2804

CVE-2026-2804 describes a use-after-free vulnerability in the JavaScript: WebAssembly component that affects Mozilla Firefox and Mozilla Thunderbird. The issue is fixed in Firefox 148 and Thunderbird 148. Connected advisories reaffirm the same root cause (memory management issue in the WebAssembl...

5.4CVSS5.8AI score0.00288EPSS
CVE
CVE
added 2026/03/24 12:30 p.m.20 views

CVE-2026-4689

CVE-2026-4689: A sandbox-escape issue caused by incorrect boundary conditions and an integer overflow in the XPCOM component. Public disclosures across multiple sources show affected products include Firefox and Thunderbird (various release tracks), with fixes implemented in Firefox 149, ESR 115....

10CVSS7.3AI score0.00665EPSS
CVE
CVE
added 2026/04/07 12:43 p.m.20 views

CVE-2026-5735

CVE-2026-5735 affects Mozilla Firefox and Thunderbird 149.0.1, with memory safety bugs that can cause memory corruption and, per sources, could be exploited to run arbitrary code. Affected components are within Firefox/Thunderbird rendering and memory management; the issue has been fixed in Firef...

9.8CVSS5.9AI score0.00257EPSS
CVE
CVE
added 2026/05/19 12:30 p.m.20 views

CVE-2026-8964

The CVE-2026-8964 entry describes a spoofing issue in the Popup Blocker component. The vulnerability is stated to be fixed in Firefox 151 and Thunderbird 151, indicating a patch/upgrade is available for mitigation. The available data list the impact as high (I: High) with a network attack vector ...

7.5CVSS5.8AI score0.00302EPSS
CVE
CVE
added 2026/03/24 12:30 p.m.19 views

CVE-2026-4724

CVE-2026-4724 affects Mozilla Firefox and Mozilla Thunderbird. The root cause is undefined behavior in the Audio/Video component, leading to potential security bypass or other impacts as described in the connected records. The vulnerability is reported across multiple sources (CNVD EUVD entries) ...

9.1CVSS7.2AI score0.00322EPSS
CVE
CVE
added 2026/04/21 12:41 p.m.19 views

CVE-2026-6781

CVE-2026-6781 is a denial-of-service vulnerability in the Mozilla Firefox/Thunderbird Audio/Video: Playback component. The issue is fixed in Firefox 150 and Thunderbird 150. Affected products are Firefox and Thunderbird; the root cause is described only as a DoS in the playback component, with no...

7.5CVSS5.8AI score0.00294EPSS
CVE
CVE
added 2026/01/13 1:30 p.m.18 views

CVE-2026-0889

CVE-2026-0889 describes a Denial-of-Service in the DOM: Service Workers component, affecting Mozilla Firefox and Mozilla Thunderbird versions earlier than 147. The CVE’s publicly documented impact is DoS with the DOM Service Workers, and the related advisory notes advise updating to the latest ve...

7.5CVSS5.8AI score0.00537EPSS
CVE
CVE
added 2026/06/16 11:52 a.m.18 views

CVE-2026-12321

Summary: CVE-2026-12321 is a JIT miscompilation in the JavaScript: WebAssembly component. Affected products: Firefox and Thunderbird (WebAssembly/JS engine). Root cause: JIT miscompilation in the WebAssembly component. Impact: Not explicitly quantified beyond miscompilation; CVSS v3.1 base score ...

5.4CVSS5.2AI score0.00159EPSS
CVE
CVE
added 2026/01/13 1:30 p.m.16 views

CVE-2026-0888

CVE-2026-0888 relates to information disclosure in the XML component in Mozilla Firefox and Thunderbird prior to version 147. Affected products include Firefox < 147 and Thunderbird

5.3CVSS5.8AI score0.00313EPSS
Total number of security vulnerabilities1214