Vendor
Mozilla Corporation
The Mozilla Corporation is a wholly owned taxable subsidiary of the Mozilla Foundation that coordinates and integrates the development of Internet-related applications such as the Firefox web browser, by a global community of open-source developers, some of whom are employed by the corporation itself. The corporation also distributes and promotes these products. Unlike the non-profit Mozilla Foundation, and the Mozilla open source project, founded by the now defunct Netscape Communications Corporation, the Mozilla Corporation is a for-profit entity.
Founded 2005
Products
26
CVEs
3,251
Across products
79,244
Status
Private
Products
26- 32,890 CVEs
- 22,164 CVEs
- 13,857 CVEs
- 7,007 CVEs
- 1,438 CVEs
- 795 CVEs
- 356 CVEs
- 330 CVEs
- 183 CVEs
- 110 CVEs
- 41 CVEs
- 22 CVEs
- 14 CVEs
- 8 CVEs
- 7 CVEs
- 6 CVEs
- 4 CVEs
- 3 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
3,251| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-3765 | Cri | 0.86 | 9.8 | 0.87 | KEV | Oct 28, 2010 | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. |
| CVE-2015-4495 | Hig | 0.78 | 8.8 | 0.72 | KEV | Aug 8, 2015 | The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015. |
| CVE-2013-1690 | Hig | 0.76 | 8.8 | 0.47 | KEV | Jun 26, 2013 | Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location. |
| CVE-2010-1205 | Cri | 0.68 | 9.8 | 0.15 | Jun 30, 2010 | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | |
| CVE-2016-1960 | Hig | 0.67 | 8.8 | 0.86 | Mar 13, 2016 | Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end tags, as demonstrated by incorrect SVG processing, aka ZDI-CAN-3545. | |
| CVE-2026-4725 | Cri | 0.65 | 10.0 | 0.00 | Mar 24, 2026 | Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149 and Thunderbird 149. | |
| CVE-2026-4692 | Cri | 0.65 | 10.0 | 0.00 | Mar 24, 2026 | Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4689 | Cri | 0.65 | 10.0 | 0.00 | Mar 24, 2026 | Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-4688 | Cri | 0.65 | 10.0 | 0.00 | Mar 24, 2026 | Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | |
| CVE-2026-2778 | Cri | 0.65 | 10.0 | 0.00 | Feb 24, 2026 | Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |
| CVE-2026-2776 | Cri | 0.65 | 10.0 | 0.00 | Feb 24, 2026 | Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |
| CVE-2026-2768 | Cri | 0.65 | 10.0 | 0.00 | Feb 24, 2026 | Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |
| CVE-2026-2761 | Cri | 0.65 | 10.0 | 0.00 | Feb 24, 2026 | Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |
| CVE-2026-2760 | Cri | 0.65 | 10.0 | 0.00 | Feb 24, 2026 | Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8. | |
| CVE-2026-0881 | Cri | 0.65 | 10.0 | 0.00 | Jan 13, 2026 | Sandbox escape in the Messaging System component. This vulnerability was fixed in Firefox 147 and Thunderbird 147. | |
| CVE-2025-2857 | Cri | 0.65 | 10.0 | 0.00 | Mar 27, 2025 | Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was being exploited in the wild. *This only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1. | |
| CVE-2025-0247 | Cri | 0.65 | 9.8 | 0.15 | Jan 7, 2025 | Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 134 and Thunderbird 134. | |
| CVE-2016-1931 | Cri | 0.65 | 10.0 | 0.03 | Jan 31, 2016 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data compression, and other vectors. | |
| CVE-2014-1486 | Cri | 0.65 | 9.8 | 0.11 | Feb 6, 2014 | Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data. | |
| CVE-2013-6671 | Cri | 0.65 | 9.8 | 0.10 | Dec 11, 2013 | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. |