Filtered by vendor Mozilla Subscriptions
Total 3662 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-0594 4 Galeon, Mozilla, Netscape and 1 more 5 Galeon Browser, Mozilla, Navigator and 2 more 2026-04-16 N/A
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVE-2006-2785 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting "Show only this frame" on a frame whose SRC attribute contains a Javascript URL.
CVE-2005-0578 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory.
CVE-2006-1724 3 Debian, Mozilla, Redhat 6 Debian Linux, Firefox, Mozilla Suite and 3 more 2026-04-16 N/A
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to DHTML.
CVE-2026-0877 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.1 High
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0885 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 6.5 Medium
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-2772 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.8 High
Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2777 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 9.8 Critical
Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-0878 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8 High
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0879 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 9.8 Critical
Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0880 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.8 High
Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0881 1 Mozilla 2 Firefox, Thunderbird 2026-04-15 10 Critical
Sandbox escape in the Messaging System component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.
CVE-2026-0882 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 8.8 High
Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0883 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 5.3 Medium
Information disclosure in the Networking component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0884 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 9.8 Critical
Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0886 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 5.3 Medium
Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0887 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 4.3 Medium
Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.
CVE-2026-0888 1 Mozilla 2 Firefox, Thunderbird 2026-04-15 5.3 Medium
Information disclosure in the XML component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.
CVE-2026-0889 1 Mozilla 2 Firefox, Thunderbird 2026-04-15 7.5 High
Denial-of-service in the DOM: Service Workers component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.
CVE-2026-0890 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-15 5.4 Medium
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.