VYPR

Firefox

by Mozilla Corporation

Source repositories

CVEs (3,179)

  • CVE-2016-1931CriJan 31, 2016
    risk 0.65cvss 10.0epss 0.06

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered…

  • CVE-2015-7182CriNov 5, 2015
    risk 0.65cvss 9.8epss 0.10

    Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service…

  • CVE-2013-6671CriDec 11, 2013
    risk 0.65cvss 9.8epss 0.11

    The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements.

  • CVE-2013-5618CriDec 11, 2013
    risk 0.65cvss 9.8epss 0.10

    Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute…

  • CVE-2026-8956CriMay 19, 2026
    risk 0.64cvss 9.8epss 0.01

    Integer overflow in the Networking: JAR component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

  • CVE-2026-8401CriMay 12, 2026
    risk 0.64cvss 9.8epss 0.00

    Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.

  • CVE-2026-8094CriMay 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.

  • CVE-2026-8091CriMay 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2.

  • CVE-2026-6771CriApr 21, 2026
    risk 0.64cvss 9.8epss 0.00

    Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6768CriApr 21, 2026
    risk 0.64cvss 9.8epss 0.00

    Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6760CriApr 21, 2026
    risk 0.64cvss 9.8epss 0.00

    Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-6748CriApr 21, 2026
    risk 0.64cvss 9.8epss 0.00

    Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-5735CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2…

  • CVE-2026-5734CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This…

  • CVE-2026-5731CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to…

  • CVE-2026-4729CriMar 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and…

  • CVE-2026-4723CriMar 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149 and Thunderbird 149.

  • CVE-2026-4721CriMar 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary…

  • CVE-2026-4720CriMar 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This…

  • CVE-2026-4717CriMar 24, 2026
    risk 0.64cvss 9.8epss 0.00

    Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.

Page 3 of 159