VYPR

Firefox

by Mozilla Corporation

Source repositories

CVEs (3,179)

  • CVE-2026-6762MedApr 21, 2026
    risk 0.41cvss 6.3epss 0.00

    Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2026-6757MedApr 21, 2026
    risk 0.41cvss 6.3epss 0.00

    Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.

  • CVE-2024-6600MedJul 9, 2024
    risk 0.41cvss 6.3epss 0.00

    Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on macOS. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and…

  • CVE-2019-11738MedSep 27, 2019
    risk 0.41cvss 6.3epss 0.01

    If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This…

  • CVE-2016-2837MedAug 5, 2016
    risk 0.41cvss 6.3epss 0.05

    Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remote attackers to execute arbitrary code by providing a malformed video and…

  • CVE-2016-1975MedMar 13, 2016
    risk 0.41cvss 6.3epss 0.01

    Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown…

  • CVE-2025-13013MedNov 11, 2025
    risk 0.40cvss 6.1epss 0.00

    Mitigation bypass in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird 145, and Thunderbird 140.5.

  • CVE-2025-11712MedOct 14, 2025
    risk 0.40cvss 6.1epss 0.00

    A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header.…

  • CVE-2025-10536MedSep 16, 2025
    risk 0.40cvss 6.2epss 0.00

    Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3.

  • CVE-2025-55030MedAug 19, 2025
    risk 0.40cvss 6.1epss 0.00

    Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.

  • CVE-2025-6430MedJun 24, 2025
    risk 0.40cvss 6.1epss 0.00

    When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed…

  • CVE-2024-11694MedNov 26, 2024
    risk 0.40cvss 6.1epss 0.01

    Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content.…

  • CVE-2024-10461MedOct 29, 2024
    risk 0.40cvss 6.1epss 0.01

    In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a download, which could allow XSS attacks. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird <…

  • CVE-2024-9397MedOct 1, 2024
    risk 0.40cvss 6.1epss 0.00

    A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.

  • CVE-2024-8386MedSep 3, 2024
    risk 0.40cvss 6.1epss 0.00

    If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130, Firefox ESR < 128.2, and Thunderbird < 128.2.

  • CVE-2024-7524MedAug 6, 2024
    risk 0.40cvss 6.1epss 0.00

    Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of…

  • CVE-2024-5698MedJun 11, 2024
    risk 0.40cvss 6.1epss 0.00

    By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid a text box over the address bar. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 127.

  • CVE-2024-5693MedJun 11, 2024
    risk 0.40cvss 6.1epss 0.01

    Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

  • CVE-2024-4768MedMay 14, 2024
    risk 0.40cvss 6.1epss 0.01

    A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

  • CVE-2024-3860MedApr 16, 2024
    risk 0.40cvss 6.2epss 0.00

    An out-of-memory condition during object initialization could result in an empty shape list. If the JIT subsequently traced the object it would crash. This vulnerability affects Firefox < 125.

Page 74 of 159