Mozilla

Firefox

2918 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-5020

  • EPSS 0.03%
  • Veröffentlicht 21.05.2025 17:18:08
  • Zuletzt bearbeitet 13.06.2025 18:55:32

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for ...

8.8

CVE-2025-4919

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 17.05.2025 21:07:27
  • Zuletzt bearbeitet 03.11.2025 20:19:11

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbir...

9.8

CVE-2025-4918

Exploit
  • EPSS 0.11%
  • Veröffentlicht 17.05.2025 21:07:26
  • Zuletzt bearbeitet 03.11.2025 20:19:11

An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2.

0

CVE-2025-4921

  • EPSS 0.02%
  • Veröffentlicht 17.05.2025 21:07:25
  • Zuletzt bearbeitet 18.05.2025 20:15:19

Rejected reason: Duplicate of CVE-2025-4919

0

CVE-2025-4920

  • EPSS 0.02%
  • Veröffentlicht 17.05.2025 21:07:23
  • Zuletzt bearbeitet 18.05.2025 20:15:19

Rejected reason: Duplicate of CVE-2025-4918

8.1

CVE-2025-4093

  • EPSS 0.07%
  • Veröffentlicht 29.04.2025 13:13:50
  • Zuletzt bearbeitet 03.11.2025 20:19:10

Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR <...

6.5

CVE-2025-4092

  • EPSS 0.04%
  • Veröffentlicht 29.04.2025 13:13:49
  • Zuletzt bearbeitet 09.05.2025 19:32:00

Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Fi...

8.1

CVE-2025-4091

  • EPSS 0.07%
  • Veröffentlicht 29.04.2025 13:13:48
  • Zuletzt bearbeitet 03.11.2025 20:19:10

Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitr...

5.3

CVE-2025-4090

  • EPSS 0.04%
  • Veröffentlicht 29.04.2025 13:13:46
  • Zuletzt bearbeitet 23.09.2025 15:15:30

A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138.

5.1

CVE-2025-4089

  • EPSS 0.02%
  • Veröffentlicht 29.04.2025 13:13:45
  • Zuletzt bearbeitet 09.05.2025 19:32:53

Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and T...