VYPR

Vendor CVEs

Mozilla Corporation

All CVEs

3,628 total · sorted by risk
  • CVE-2026-6774MedApr 21, 2026
    risk 0.35cvss 5.4epss 0.00

    Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

  • CVE-2026-2804MedFeb 24, 2026
    risk 0.35cvss 5.4epss 0.00

    Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.

  • CVE-2026-0890MedJan 13, 2026
    risk 0.35cvss 5.4epss 0.00

    Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

  • CVE-2025-10531MedSep 16, 2025
    risk 0.35cvss 5.4epss 0.00

    Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability was fixed in Firefox 143 and Thunderbird 143.

  • CVE-2025-54144MedAug 19, 2025
    risk 0.35cvss 5.4epss 0.00

    The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141.

  • CVE-2025-5267MedMay 27, 2025
    risk 0.35cvss 5.4epss 0.00

    A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.

  • CVE-2025-27426MedMar 4, 2025
    risk 0.35cvss 5.4epss 0.00

    Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox for iOS 136.

  • CVE-2025-0244MedJan 7, 2025
    risk 0.35cvss 5.3epss 0.07

    When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 134.

  • CVE-2025-0237MedJan 7, 2025
    risk 0.35cvss 5.4epss 0.01

    The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks. This vulnerability was fixed in Firefox 134, Firefox ESR…

  • CVE-2016-8635MedAug 1, 2018
    risk 0.35cvss 5.3epss 0.02

    It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

  • CVE-2018-5173MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file…

  • CVE-2018-5168MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This…

  • CVE-2018-5165MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    In 32-bit versions of Firefox, the Adobe Flash plugin setting for "Enable Adobe Flash protected mode" is unchecked by default even though the Adobe Flash sandbox is actually enabled. The displayed state is the reverse of the true setting, resulting in user confusion. This could…

  • CVE-2018-5142MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    If Media Capture and Streams API permission is requested from documents with "data:" or "blob:" URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown protocol" as the requestee, leading to user confusion about which…

  • CVE-2018-5140MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Image for moz-icons can be accessed through the "moz-icon:" protocol through script in web content even when otherwise prohibited. This could allow for information leakage of which applications are associated with specific MIME types by a malicious page. This vulnerability…

  • CVE-2018-5138MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded…

  • CVE-2018-5121MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems.…

  • CVE-2018-5119MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    The reader view will display cross-origin content when CORS headers are set to prohibit the loading of cross-origin content by a site. This could allow access to content that should be restricted in reader view. This vulnerability affects Firefox < 58.

  • CVE-2018-5118MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    The screenshot images displayed in the Activity Stream page displayed when a new tab is opened is created from the meta tags of websites. An issue was discovered where the page could attempt to create these images through "file:" URLs from the local file system. This loading is…

  • CVE-2018-5117MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can mislead users to believe they are…

  • CVE-2018-5114MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    If an existing cookie is changed to be "HttpOnly" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie. This vulnerability affects Firefox < 58.

  • CVE-2018-5110MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. Note: This vulnerability only affects OS X. Other operating systems are not affected. This vulnerability affects…

  • CVE-2018-5107MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    The printing process can bypass local access protections to read files available through symlinks, bypassing local file restrictions. The printing process requires files in a specific format so arbitrary data cannot be read but it is possible that some local file information…

  • CVE-2018-5106MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Style editor traffic in the Developer Tools can be routed through a service worker hosted on a third party website if a user selects error links when these tools are open. This can allow style editor information used within Developer Tools to leak cross-origin. This…

  • CVE-2017-7848MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.

  • CVE-2017-7842MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests. This…

  • CVE-2017-7838MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Punycode format text will be displayed for entire qualified international domain names in some instances when a sub-domain triggers the punycode display instead of the primary domain being displayed in native script and the sub-domain only displaying as punycode. This could be…

  • CVE-2017-7837MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    SVG loaded through "" tags can use "" tags within the SVG data to set cookies for that page. This vulnerability affects Firefox < 57.

  • CVE-2017-7833MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Some Arabic and Indic vowel marker characters can be combined with Latin characters in a domain name to eclipse the non-Latin character with some font sets on the addressbar. The non-Latin character will not be visible to most viewers. This allows for domain spoofing attacks…

  • CVE-2017-7832MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    The combined, single character, version of the letter 'i' with any of the potential accents in unicode, such as acute or grave, can be spoofed in the addressbar by the dotless version of 'i' followed by the same accent as a second character with most font sets. This allows for…

  • CVE-2017-7831MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    A vulnerability where the security wrapper does not deny access to some exposed properties using the deprecated "_exposedProps_" mechanism on proxy objects. These properties should be explicitly unavailable to proxy objects. This vulnerability affects Firefox < 57.

  • CVE-2017-7829MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.

  • CVE-2017-7825MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This…

  • CVE-2017-7823MedJun 11, 2018
    risk 0.35cvss 5.4epss 0.01

    The content security policy (CSP) "sandbox" directive did not create a unique origin for the document, causing it to behave as if the "allow-same-origin" keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. This…

  • CVE-2017-7822MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    The AES-GCM implementation in WebCrypto API accepts 0-length IV when it should require a length of 1 according to the NIST Special Publication 800-38D specification. This might allow for the authentication key to be determined in some instances. This vulnerability affects…

  • CVE-2017-7820MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    The "instanceof" operator can bypass the Xray wrapper mechanism. When called on web content from the browser itself or an extension the web content can provide its own result for that operator, possibly tricking the browser or extension into mishandling the element. This…

  • CVE-2017-7817MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake address bar to be displayed. This allows an attacker to spoof which page is actually loaded and in use. Note: This attack only affects Firefox for Android. Other…

  • CVE-2017-7816MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    WebExtensions could use popups and panels in the extension UI to load an "about:" privileged URL, violating security checks that disallow this behavior. This vulnerability affects Firefox < 56.

  • CVE-2017-7815MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations…

  • CVE-2017-7812MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    If web content on a page is dragged onto portions of the browser UI, such as the tab bar, links can be opened that otherwise would not be allowed to open. This can allow malicious web content to open a locally stored file through "file:" URLs. This vulnerability affects Firefox…

  • CVE-2017-7808MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.

  • CVE-2017-7791MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox…

  • CVE-2017-7789MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    If a server sends two Strict-Transport-Security (STS) headers for a single connection, they will be rejected as invalid and HTTP Strict Transport Security (HSTS) will not be enabled for the connection. This vulnerability affects Firefox < 55.

  • CVE-2017-7782MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects…

  • CVE-2017-7764MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.02

    Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode blocks in the addressbar instead of being rendered as their raw "punycode" form, allowing for domain name spoofing attacks through character confusion. The current Unicode…

  • CVE-2017-7763MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability…

  • CVE-2017-5463MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not…

  • CVE-2017-5462MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.03

    A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version…

  • CVE-2017-5426MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to…

  • CVE-2017-5418MedJun 11, 2018
    risk 0.35cvss 5.3epss 0.01

    An out of bounds read error occurs when parsing some HTTP digest authorization responses, resulting in information leakage through the reading of random memory containing matches to specifically set patterns. This vulnerability affects Firefox < 52 and Thunderbird < 52.

Page 18 of 73