MozillaFirefox (SUSE:Linux Enterprise Module for Desktop Applications 15 SP6) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Desktop Applications 15 SP6 package MozillaFirefox, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2024-9392 — CVSS 9.8 (critical): A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131…
CVE-2024-11704 — CVSS 9.8 (critical): A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the…
CVE-2024-8384 — CVSS 9.8 (critical): The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two…
CVE-2025-8031 — CVSS 9.8 (critical): The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials…
CVE-2025-6424 — CVSS 9.8 (critical): A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability was fixed in Firefox 140, Firefox ESR…
CVE-2025-8038 — CVSS 9.8 (critical): Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability was fixed in Firefox 141, Firefox ESR…
CVE-2025-11710 — CVSS 9.8 (critical): A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to…
CVE-2024-6602 — CVSS 9.8 (critical): A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR <…
CVE-2025-11709 — CVSS 9.8 (critical): A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures…
CVE-2025-11708 — CVSS 9.8 (critical): Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and…
CVE-2024-9402 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory…
CVE-2024-8381 — CVSS 9.8 (critical): A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the `with`…
CVE-2025-14321 — CVSS 9.8 (critical): Use-after-free in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and…
CVE-2024-9401 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence…
CVE-2025-4918 — CVSS 9.8 (critical): An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox…
CVE-2025-8028 — CVSS 9.8 (critical): On arm64, a WASM `br_table` instruction with a lot of entries could lead to the label being too far from the instruction causing truncation…
CVE-2024-3863 — CVSS 9.8 (critical): The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems…
CVE-2024-6611 — CVSS 9.8 (critical): A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128…
CVE-2025-1017 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of…
CVE-2025-9187 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2024-11693 — CVSS 9.8 (critical): The executable file warning was not presented when downloading .library-ms files. *Note: This issue only affected Windows operating…
CVE-2025-6433 — CVSS 9.8 (critical): If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge…
CVE-2025-14330 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird…
CVE-2024-8385 — CVSS 9.8 (critical): A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability…
CVE-2024-8387 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory…
CVE-2024-11698 — CVSS 9.8 (critical): A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal…
CVE-2025-1009 — CVSS 9.8 (critical): An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability was…
CVE-2025-9179 — CVSS 9.8 (critical): An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily…
CVE-2025-14324 — CVSS 9.8 (critical): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR…
CVE-2024-7519 — CVSS 9.6 (critical): Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to…
CVE-2025-8037 — CVSS 9.1 (critical): Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the…
CVE-2025-6427 — CVSS 9.1 (critical): An attacker was able to bypass the `connect-src` directive of a Content Security Policy by manipulating subdocuments. This would have also…
CVE-2025-4083 — CVSS 9.1 (critical): A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute…
CVE-2025-8040 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence…
CVE-2024-7527 — CVSS 8.8 (high): Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR…
CVE-2024-7528 — CVSS 8.8 (high): Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox…
CVE-2024-8382 — CVSS 8.8 (high): Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web…
CVE-2025-14323 — CVSS 8.8 (high): Privilege escalation in the DOM: Notifications component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR…
CVE-2024-9396 — CVSS 8.8 (high): It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to…
CVE-2024-10467 — CVSS 8.8 (high): Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory…
CVE-2024-11691 — CVSS 8.8 (high): Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in…
CVE-2024-11697 — CVSS 8.8 (high): When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation…
CVE-2024-11699 — CVSS 8.8 (high): Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory…
CVE-2025-6426 — CVSS 8.8 (high): The executable file warning did not warn users before opening files with the `terminal` extension. *This bug only affects Firefox for…
CVE-2025-4919 — CVSS 8.8 (high): An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability…
CVE-2024-3854 — CVSS 8.8 (high): In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability…
CVE-2025-2817 — CVSS 8.8 (high): Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the…
CVE-2025-1930 — CVSS 8.8 (high): On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process…
CVE-2024-4367 — CVSS 8.8 (high): A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This…
CVE-2025-14329 — CVSS 8.8 (high): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and…
CVE-2025-14328 — CVSS 8.8 (high): Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and…
CVE-2024-4770 — CVSS 8.8 (high): When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox <…
CVE-2024-4777 — CVSS 8.8 (high): Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory…
CVE-2024-9400 — CVSS 8.8 (high): A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during…
CVE-2025-13020 — CVSS 8.8 (high): Use-after-free in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and…
CVE-2025-13014 — CVSS 8.8 (high): Use-after-free in the Audio/Video component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30…
CVE-2025-11715 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence…
CVE-2025-11714 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these…
CVE-2024-6605 — CVSS 8.8 (high): Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking. This vulnerability affects…
CVE-2024-6607 — CVSS 8.8 (high): It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a…
CVE-2025-10537 — CVSS 8.8 (high): Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142. Some of these bugs showed evidence…
CVE-2024-6609 — CVSS 8.8 (high): When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox <…
CVE-2025-10533 — CVSS 8.8 (high): Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143…
CVE-2025-1014 — CVSS 8.8 (high): Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This…
CVE-2024-6615 — CVSS 8.8 (high): Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2025-1011 — CVSS 8.8 (high): A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code…
CVE-2024-7520 — CVSS 8.8 (high): A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects…
CVE-2024-7521 — CVSS 8.8 (high): Incomplete WebAssembly exception handing could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR <…
CVE-2024-7522 — CVSS 8.8 (high): Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129…
CVE-2025-1010 — CVSS 8.8 (high): An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. This vulnerability…
CVE-2024-5696 — CVSS 8.6 (high): By manipulating the text in an `<input>` tag, an attacker could have caused corrupt memory leading to a potentially exploitable…
CVE-2025-6432 — CVSS 8.6 (high): When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS…
CVE-2024-6606 — CVSS 8.2 (high): Clipboard code failed to check the index on an array access. This could have led to an out-of-bounds read. This vulnerability affects…
CVE-2025-13017 — CVSS 8.1 (high): Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird…
CVE-2024-3864 — CVSS 8.1 (high): Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we…
CVE-2024-5688 — CVSS 8.1 (high): If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability…
CVE-2024-7525 — CVSS 8.1 (high): It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response…
CVE-2025-11713 — CVSS 8.1 (high): Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows…
CVE-2025-13018 — CVSS 8.1 (high): Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and…
CVE-2025-13019 — CVSS 8.1 (high): Same-origin policy bypass in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145…
CVE-2025-14333 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence…
CVE-2025-1932 — CVSS 8.1 (high): An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version…
CVE-2025-3030 — CVSS 8.1 (high): Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of…
CVE-2025-4091 — CVSS 8.1 (high): Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of…
CVE-2025-4093 — CVSS 8.1 (high): Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that…
CVE-2025-5268 — CVSS 8.1 (high): Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence…
CVE-2025-5269 — CVSS 8.1 (high): Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that…
CVE-2025-6435 — CVSS 8.1 (high): If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with…
CVE-2025-6436 — CVSS 8.1 (high): Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that…
CVE-2025-8029 — CVSS 8.1 (high): Thunderbird executed `javascript:` URLs when used in `object` and `embed` tags. This vulnerability was fixed in Firefox 141, Firefox ESR…
CVE-2025-8030 — CVSS 8.1 (high): Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This…
CVE-2025-8032 — CVSS 8.1 (high): XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141…
CVE-2025-8036 — CVSS 8.1 (high): Thunderbird cached CORS preflight responses across IP address changes. This allowed circumventing CORS with DNS rebinding. This…
CVE-2025-8039 — CVSS 8.1 (high): In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in…
CVE-2025-9180 — CVSS 8.1 (high): Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR…
CVE-2025-9184 — CVSS 8.1 (high): Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence…
CVE-2025-14322 — CVSS 8.0 (high): Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146…
CVE-2024-3857 — CVSS 7.8 (high): The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This…
CVE-2024-43097 — CVSS 7.8 (high): In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation…
CVE-2025-0241 — CVSS 7.7 (high): When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability…
CVE-2025-1933 — CVSS 7.6 (high): On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them…
CVE-2024-9399 — CVSS 7.5 (high): A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service…
CVE-2024-8900 — CVSS 7.5 (high): An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This…
CVE-2024-9394 — CVSS 7.5 (high): An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This…
CVE-2024-6604 — CVSS 7.5 (high): Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory…
CVE-2024-9393 — CVSS 7.5 (high): An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This…
CVE-2024-8383 — CVSS 7.5 (high): Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does…
CVE-2024-3852 — CVSS 7.5 (high): GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125…
CVE-2024-10466 — CVSS 7.5 (high): By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become…
CVE-2025-13016 — CVSS 7.5 (high): Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5…
CVE-2024-10458 — CVSS 7.5 (high): A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects…
CVE-2024-10459 — CVSS 7.5 (high): An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This…
CVE-2025-1012 — CVSS 7.5 (high): A race during concurrent delazification could have led to a use-after-free. This vulnerability was fixed in Firefox 135, Firefox ESR…
CVE-2025-1937 — CVSS 7.5 (high): Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these…
CVE-2025-9182 — CVSS 7.5 (high): Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability was fixed in Firefox 142, Firefox ESR…
CVE-2024-5702 — CVSS 7.5 (high): Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125…
CVE-2025-13012 — CVSS 7.5 (high): Race condition in the Graphics component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30, Thunderbird…
CVE-2025-1931 — CVSS 7.5 (high): It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable…
CVE-2024-6603 — CVSS 7.4 (high): In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory…
CVE-2025-1936 — CVSS 7.3 (high): jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content…
CVE-2025-14325 — CVSS 7.3 (high): JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird…
CVE-2025-10528 — CVSS 7.3 (high): Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143…
CVE-2025-3029 — CVSS 7.3 (high): A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing…
CVE-2025-10527 — CVSS 7.1 (high): Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3…
CVE-2024-5700 — CVSS 7.0 (high): Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory…
CVE-2024-7518 — CVSS 6.5 (medium): Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This…
CVE-2025-1013 — CVSS 6.5 (medium): A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential…
CVE-2025-10529 — CVSS 6.5 (medium): Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and…
CVE-2025-10532 — CVSS 6.5 (medium): Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird…
CVE-2025-11711 — CVSS 6.5 (medium): There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable. This vulnerability was fixed in…
CVE-2024-5692 — CVSS 6.5 (medium): On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed…
CVE-2025-14331 — CVSS 6.5 (medium): Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR…
CVE-2025-9181 — CVSS 6.5 (medium): Uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 142, Firefox ESR 128.14, Firefox ESR…
CVE-2025-8033 — CVSS 6.5 (medium): The JavaScript engine did not handle closed generators correctly and it was possible to resume them leading to a nullptr deref. This…
CVE-2025-1934 — CVSS 6.5 (medium): It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection…
CVE-2025-1938 — CVSS 6.5 (medium): Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of…
CVE-2025-3028 — CVSS 6.5 (medium): JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability was fixed…
CVE-2024-10465 — CVSS 6.5 (medium): A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR…
CVE-2024-10464 — CVSS 6.5 (medium): Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was…
CVE-2024-10463 — CVSS 6.5 (medium): Video frames could have been leaked between origins in some situations. This vulnerability affects Firefox < 132, Firefox ESR < 128.4…
CVE-2024-10462 — CVSS 6.5 (medium): Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox < 132, Firefox ESR <…
CVE-2025-6429 — CVSS 6.5 (medium): Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag…
CVE-2025-6431 — CVSS 6.5 (medium): When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker…
CVE-2025-9183 — CVSS 6.5 (medium): Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2.
CVE-2025-8027 — CVSS 6.5 (medium): On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire…
CVE-2024-7531 — CVSS 6.5 (medium): Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy…
CVE-2024-7529 — CVSS 6.5 (medium): The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions…
CVE-2024-7526 — CVSS 6.5 (medium): ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from…
CVE-2024-6600 — CVSS 6.3 (medium): Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than…
CVE-2025-10536 — CVSS 6.2 (medium): Information disclosure in the Networking: Cache component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143…
CVE-2024-4768 — CVSS 6.1 (medium): A bug in popup notifications' interaction with WebAuthn made it easier for an attacker to trick a user into granting permissions. This…
CVE-2024-9397 — CVSS 6.1 (medium): A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via…
CVE-2024-5693 — CVSS 6.1 (medium): Offscreen Canvas did not properly track cross-origin tainting, which could be used to access image data from another site in violation of…
CVE-2024-8386 — CVSS 6.1 (medium): If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform…
CVE-2024-2609 — CVSS 6.1 (medium): The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious…
CVE-2025-6430 — CVSS 6.1 (medium): When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a…
CVE-2025-13013 — CVSS 6.1 (medium): Mitigation bypass in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Firefox ESR 115.30…
CVE-2024-11694 — CVSS 6.1 (medium): Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google…
CVE-2025-11712 — CVSS 6.1 (medium): A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web…
CVE-2024-10461 — CVSS 6.1 (medium): In multipart/x-mixed-replace responses, `Content-Disposition: attachment` in the response header was not respected and did not force a…
CVE-2024-7524 — CVSS 6.1 (medium): Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by…
CVE-2024-3859 — CVSS 5.9 (medium): On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed…
CVE-2024-4769 — CVSS 5.9 (medium): When importing resources using Web Workers, error messages would distinguish the difference between `application/javascript` responses and…
CVE-2025-4082 — CVSS 5.9 (medium): Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could…
CVE-2025-4084 — CVSS 5.7 (medium): Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this…
CVE-2024-6613 — CVSS 5.5 (medium): The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability…
CVE-2025-0237 — CVSS 5.4 (medium): The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather…
CVE-2024-11696 — CVSS 5.4 (medium): The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This…
CVE-2024-11695 — CVSS 5.4 (medium): A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential…
CVE-2025-5267 — CVSS 5.4 (medium): A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page. This…
CVE-2025-0238 — CVSS 5.3 (medium): Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash…
CVE-2024-9398 — CVSS 5.3 (medium): By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application…
CVE-2024-6612 — CVSS 5.3 (medium): CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch…
CVE-2024-10460 — CVSS 5.3 (medium): The origin of an external protocol handler prompt could have been obscured using a data: URL within an `iframe`. This vulnerability affects…
CVE-2025-0243 — CVSS 5.1 (medium): Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of…
CVE-2025-5265 — CVSS 4.8 (medium): Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this…
CVE-2025-4087 — CVSS 4.8 (medium): A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during…
CVE-2025-5264 — CVSS 4.8 (medium): Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this…
CVE-2024-6601 — CVSS 4.7 (medium): A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox <…
CVE-2024-5691 — CVSS 4.7 (medium): By tricking the browser with a `X-Frame-Options` header, a sandboxed iframe could have presented a button that, if clicked by a user, would…
CVE-2024-5690 — CVSS 4.3 (medium): By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's…
CVE-2024-6614 — CVSS 4.3 (medium): The frame iterator could get stuck in a loop when encountering certain wasm frames leading to incorrect stack traces. This vulnerability…
CVE-2025-5263 — CVSS 4.3 (medium): Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. This…
CVE-2025-5266 — CVSS 4.3 (medium): Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This…
CVE-2025-6425 — CVSS 4.3 (medium): An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and…
CVE-2025-6428 — CVSS 4.3 (medium): When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially…
CVE-2025-6434 — CVSS 4.3 (medium): The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially…
CVE-2024-11692 — CVSS 4.3 (medium): An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing…
CVE-2024-6608 — CVSS 4.3 (medium): It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox…
CVE-2024-4767 — CVSS 4.3 (medium): If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed…
CVE-2024-6610 — CVSS 4.3 (medium): Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from…
CVE-2025-1935 — CVSS 4.3 (medium): A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in…
CVE-2024-3861 — CVSS 4.0 (medium): If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later…
CVE-2025-0240 — CVSS 4.0 (medium): Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free…