Mozilla Security Vulnerabilities (CVEs)
Track 378 security vulnerabilities affecting Mozilla products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in Hubs Cloud's Reticulum software allowed attackers to use the proxy functionality to access internal URLs, including sensitive me...
Jun 24, 2021This vulnerability allows a malicious program already running on a Windows system to send specially crafted WM_COPYDATA messages to Firefox, causing a...
Jun 24, 2021CVE-2021-29966 is a memory corruption vulnerability in Firefox that could allow attackers to execute arbitrary code on affected systems. This affects ...
Jun 24, 2021This vulnerability allows an attacker to read memory outside the bounds of a canvas buffer when Firefox renders text with WebRender disabled, potentia...
Jun 24, 2021This vulnerability allows attackers to exploit uninitialized WebGL framebuffers in Mozilla browsers, leading to memory corruption and potential arbitr...
Jun 24, 2021This vulnerability in Mozilla Firefox involves a use-after-free condition in the font cache due to unexpected data type conversions. Attackers could p...
Jun 24, 2021This vulnerability in Mozilla Firefox, Firefox ESR, and Thunderbird allows malicious web content to gain elevated system privileges through Blob URL m...
Jun 24, 2021This vulnerability allows attackers to inject arbitrary FTP commands by tricking users into clicking malicious FTP URLs containing encoded newline cha...
Jun 24, 2021This vulnerability allows attackers to bypass port blocking restrictions by crafting Alt-Svc headers with integer overflow values above 65535. It affe...
Jun 24, 2021This vulnerability allows Thunderbird to load a malicious shared library instead of the legitimate OTR protocol library due to an incorrect filename s...
Jun 24, 2021A race condition in Firefox's Web Render components during destruction could lead to undefined behavior, potentially allowing arbitrary code execution...
Jun 24, 2021This vulnerability in NSS (Network Security Services) allows out-of-bounds reads when using multi-part ChaCha20-POLY1305 encryption, potentially expos...
May 27, 2021This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could exploit...
Mar 31, 2021CVE-2021-23964 is a memory corruption vulnerability in Mozilla products that could allow attackers to execute arbitrary code on affected systems. The ...
Feb 26, 2021This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could potenti...
Feb 26, 2021CVE-2021-23962 is a use-after-poison vulnerability in Firefox's '<RowCountChanged>' method that could lead to memory corruption and potentially exploi...
Feb 26, 2021This vulnerability involves a type confusion bug in JavaScript's logical assignment operators within switch statements, which can lead to memory corru...
Feb 26, 2021This vulnerability in Firefox for Android allowed malicious websites to bypass iframe sandbox restrictions using Android-specific intent URLs. Only Fi...
Feb 26, 2021This vulnerability in Mozilla's JavaScript engine allows attackers to trigger a use-after-poison condition during garbage collection of re-declared va...
Feb 26, 2021This vulnerability in Firefox allows attackers to bypass phishing warnings when using HTTP authentication in malicious URLs. By exploiting cached redi...
Feb 26, 2021This vulnerability in Firefox for Android allows malicious apps to send crafted intents that trick Firefox into loading webapp manifests from arbitrar...
Feb 26, 2021This vulnerability involves a type confusion bug in Firefox's CSS flexbox implementation where a StyleGenericFlexBasis object could be incorrectly cas...
Jan 7, 2021This vulnerability allows attackers to execute malicious code on Windows systems when users download files without extensions and open them from Firef...
Jan 7, 2021This CVE describes memory safety bugs in Firefox that could lead to memory corruption. With sufficient effort, attackers could potentially exploit the...
Jan 7, 2021This vulnerability allows attackers to trigger a heap buffer overflow by providing specially crafted blit values to video drivers. Successful exploita...
Jan 7, 2021This is a use-after-free vulnerability in Firefox's WebGL implementation where IPC actors can outlive their managers, leading to memory corruption. At...
Jan 7, 2021This CVE describes memory safety bugs in Firefox and Thunderbird that could lead to memory corruption. With sufficient effort, attackers could exploit...
Oct 22, 2020CVE-2019-17006 is a buffer overflow vulnerability in Network Security Services (NSS) cryptographic library due to missing length checks. This allows a...
Oct 22, 2020Why Monitor Mozilla Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 378+ known vulnerabilities affecting Mozilla products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Mozilla packages in under 60 seconds. No agents required - completely agentless scanning that works across Mozilla deployments.
Free vulnerability database: Access detailed information about every Mozilla CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Mozilla CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
