Логотип exploitDog
product: "firefox"
Консоль
Логотип exploitDog

exploitDog

product: "firefox"
Mozilla Firefox

Mozilla Firefoxсвободный браузер на движке Gecko

Релизный цикл, информация об уязвимостях

Продукт: Mozilla Firefox
Вендор: mozilla

График релизов

11511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614720232024202520262027

Недавние уязвимости Mozilla Firefox

Количество 15 501

debian логотип

CVE-2025-0243

около 1 года назад

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...

CVSS3: 5.1
EPSS: Низкий
nvd логотип

CVE-2025-0242

около 1 года назад

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2025-0242

около 1 года назад

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...

CVSS3: 6.5
EPSS: Низкий
nvd логотип

CVE-2025-0241

около 1 года назад

When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 7.7
EPSS: Низкий
debian логотип

CVE-2025-0241

около 1 года назад

When segmenting specially crafted text, segmentation would corrupt mem ...

CVSS3: 7.7
EPSS: Низкий
nvd логотип

CVE-2025-0240

около 1 года назад

Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 4
EPSS: Низкий
debian логотип

CVE-2025-0240

около 1 года назад

Parsing a JavaScript module as JSON could, under some circumstances, c ...

CVSS3: 4
EPSS: Низкий
nvd логотип

CVE-2025-0239

около 1 года назад

When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 4
EPSS: Низкий
debian логотип

CVE-2025-0239

около 1 года назад

When using Alt-Svc, ALPN did not properly validate certificates when t ...

CVSS3: 4
EPSS: Низкий
nvd логотип

CVE-2025-0238

около 1 года назад

Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 5.3
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
debian логотип
CVE-2025-0243

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...

CVSS3: 5.1
0%
Низкий
около 1 года назад
nvd логотип
CVE-2025-0242

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 6.5
1%
Низкий
около 1 года назад
debian логотип
CVE-2025-0242

Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...

CVSS3: 6.5
1%
Низкий
около 1 года назад
nvd логотип
CVE-2025-0241

When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 7.7
1%
Низкий
около 1 года назад
debian логотип
CVE-2025-0241

When segmenting specially crafted text, segmentation would corrupt mem ...

CVSS3: 7.7
1%
Низкий
около 1 года назад
nvd логотип
CVE-2025-0240

Parsing a JavaScript module as JSON could, under some circumstances, cause cross-compartment access, which may result in a use-after-free. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 4
0%
Низкий
около 1 года назад
debian логотип
CVE-2025-0240

Parsing a JavaScript module as JSON could, under some circumstances, c ...

CVSS3: 4
0%
Низкий
около 1 года назад
nvd логотип
CVE-2025-0239

When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 4
0%
Низкий
около 1 года назад
debian логотип
CVE-2025-0239

When using Alt-Svc, ALPN did not properly validate certificates when t ...

CVSS3: 4
0%
Низкий
около 1 года назад
nvd логотип
CVE-2025-0238

Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6.

CVSS3: 5.3
0%
Низкий
около 1 года назад

Уязвимостей на страницу


Поделиться