VYPR

Firefox

by Mozilla Corporation

Source repositories

CVEs (3,179)

  • CVE-2025-13021CriNov 11, 2025
    risk 0.64cvss 9.8epss 0.00

    Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145.

  • CVE-2025-12380CriOct 28, 2025
    risk 0.64cvss 9.8epss 0.00

    Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2.

  • CVE-2025-11721CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.00

    Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144 and Thunderbird 144.

  • CVE-2025-11719CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.00

    Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144.

  • CVE-2025-11710CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.00

    A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird…

  • CVE-2025-11709CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.00

    A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

  • CVE-2025-11708CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.00

    Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

  • CVE-2025-9187CriAug 19, 2025
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 142 and…

  • CVE-2025-9179CriAug 19, 2025
    risk 0.64cvss 9.8epss 0.01

    An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27,…

  • CVE-2025-8042CriAug 19, 2025
    risk 0.64cvss 9.8epss 0.00

    Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability was fixed in Firefox 141.

  • CVE-2025-55031CriAug 19, 2025
    risk 0.64cvss 9.8epss 0.00

    Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This…

  • CVE-2025-54143CriAug 19, 2025
    risk 0.64cvss 9.8epss 0.00

    Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.

  • CVE-2025-8044CriJul 22, 2025
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 141 and…

  • CVE-2025-8043CriJul 22, 2025
    risk 0.64cvss 9.8epss 0.00

    Focus incorrectly truncated URLs towards the beginning instead of around the origin. This vulnerability was fixed in Firefox 141.

  • CVE-2025-8038CriJul 22, 2025
    risk 0.64cvss 9.8epss 0.00

    Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.

  • CVE-2025-8031CriJul 22, 2025
    risk 0.64cvss 9.8epss 0.00

    The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird…

  • CVE-2025-8028CriJul 22, 2025
    risk 0.64cvss 9.8epss 0.00

    On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13,…

  • CVE-2025-6433CriJun 24, 2025
    risk 0.64cvss 9.8epss 0.00

    If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established…

  • CVE-2025-6424CriJun 24, 2025
    risk 0.64cvss 9.8epss 0.03

    A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability was fixed in Firefox 140, Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.

  • CVE-2025-49710CriJun 11, 2025
    risk 0.64cvss 9.8epss 0.01

    An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4.

Page 7 of 159