VYPR

Firefox

by Mozilla Corporation

Source repositories

CVEs (3,179)

  • CVE-2026-8953CriMay 19, 2026
    risk 0.62cvss 9.6epss 0.01

    Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

  • CVE-2026-7321CriApr 28, 2026
    risk 0.62cvss 9.6epss 0.00

    Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, and Thunderbird 140.10.1.

  • CVE-2024-7519CriAug 6, 2024
    risk 0.62cvss 9.6epss 0.01

    Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and…

  • CVE-2022-26384CriDec 22, 2022
    risk 0.62cvss 9.6epss 0.01

    If an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scripts, they were able to craft a link that, when clicked, would lead to JavaScript execution in violation of the sandbox. This vulnerability affects…

  • CVE-2022-22759CriDec 22, 2022
    risk 0.62cvss 9.6epss 0.01

    If a document created a sandboxed iframe without allow-scripts, and subsequently appended an element to the iframe's document that e.g. had a JavaScript event handler - the event handler would have run despite the iframe's sandbox. This vulnerability affects Firefox…

  • CVE-2016-2819HigJun 13, 2016
    risk 0.62cvss 8.8epss 0.24

    Heap-based buffer overflow in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allows remote attackers to execute arbitrary code via foreign-context HTML5 fragments, as demonstrated by fragments within an SVG element.

  • CVE-2019-9812CriJan 8, 2020
    risk 0.61cvss 9.3epss 0.01

    Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then…

  • CVE-2019-9813HigApr 26, 2019
    risk 0.61cvss 8.8epss 0.07

    Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.

  • CVE-2026-8950CriMay 19, 2026
    risk 0.60cvss 9.3epss 0.00

    Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

  • CVE-2018-12387CriOct 18, 2018
    risk 0.60cvss 9.1epss 0.10

    A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the…

  • CVE-2026-12316CriJun 16, 2026
    risk 0.59cvss 9.1epss 0.00

    Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.

  • CVE-2026-12315CriJun 16, 2026
    risk 0.59cvss 9.1epss 0.00

    Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

  • CVE-2026-12304CriJun 16, 2026
    risk 0.59cvss 9.1epss 0.00

    Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.

  • CVE-2026-8948CriMay 19, 2026
    risk 0.59cvss 9.1epss 0.00

    Same-origin policy bypass in the DOM: Networking component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.

  • CVE-2026-4724CriMar 24, 2026
    risk 0.59cvss 9.1epss 0.00

    Undefined behavior in the Audio/Video component. This vulnerability was fixed in Firefox 149 and Thunderbird 149.

  • CVE-2026-4716CriMar 24, 2026
    risk 0.59cvss 9.1epss 0.00

    Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-4715CriMar 24, 2026
    risk 0.59cvss 9.1epss 0.00

    Uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

  • CVE-2026-2806CriFeb 24, 2026
    risk 0.59cvss 9.1epss 0.00

    Uninitialized memory in the Graphics: Text component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

  • CVE-2025-11717CriOct 14, 2025
    risk 0.59cvss 9.1epss 0.00

    When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144.

  • CVE-2025-54145CriAug 19, 2025
    risk 0.59cvss 9.1epss 0.00

    The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141.

Page 20 of 159