Filter
AND
-Infinity
0
Trending
Versions
10.0
61
17.0
49
24.0
40
17.0.1
32
17.0.2
32
17.0.3
32
17.0.4
31
38.0
31
10.0.1
30
10.0.2
30
10.0.3
29
17.0.5
29
10.0.4
24
17.0.6
21
24.0.1
20
24.0.2
20
52.0
20
38.1.0
19
10.0.5
17
38.0.1
17
38.0.5
17
31.0
16
17.0.7
14
38.2.0
13
17.0.8
12
31.1
12
31.1.0
12
31.1.1
12
31.2
12
31.3
12
31.3.0
12
31.4
12
31.5
12
31.5.1
12
31.5.2
12
31.5.3
12
31.6.0
12
31.7.0
12
38.3.0
12
24.1.0
11
24.1.1
11
24.2
11
24.3
11
24.4
11
24.5
11
38.4.0
11
38.1.1
10
38.2.1
10
10.0.6
9
38.5.0
9
FirefoxA process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, whi…
9.1
EPSS
0.05%
First published (updated )
ThunderbirdA compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an o…
9.8
First published (updated )
FirefoxFollowing the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a …
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ThunderbirdIt was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox.
10
First published (updated )
ThunderbirdMozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith,…
9.8
First published (updated )
ThunderbirdAn out of date graphics library (Angle) likely contained vulnerabilities that could potentially be e…
9.8
First published (updated )
redhat/firefoxIf an attacker could control the contents of an iframe sandboxed with allow-popups but not allow-scr…
9.6
First published (updated )
ThunderbirdIf a document created a sandboxed iframe without allow-scripts, and subsequently appended an element…
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ThunderbirdA malicious website could have learned the size of a cross-origin resource that supported Range requ…
9.8
First published (updated )
ThunderbirdMozilla developers Gabriele Svelto, Tom Ritter and the Mozilla Fuzzing Team reported memory safety b…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat Enterprise Linux ServerThe Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird b…
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat Enterprise Linux ServerMultiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox E…
9.3
First published (updated )
Red Hat Enterprise Linux ServerThe libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 2…
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.