CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-8044 – openSUSE Security Advisory - openSUSE-SU-2025:15386-1
https://notcve.org/view.php?id=CVE-2025-8044
22 Jul 2025 — Memory safety bugs present in Firefox 140 and Thunderbird 140. ... This vulnerability affects Firefox < 141 and Thunderbird < 141. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1933572%2C1971116 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-8043 – openSUSE Security Advisory - openSUSE-SU-2025:15386-1
https://notcve.org/view.php?id=CVE-2025-8043
22 Jul 2025 — This vulnerability affects Firefox < 141 and Thunderbird < 141. • https://bugzilla.mozilla.org/show_bug.cgi?id=1970209 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-8038 – openSUSE Security Advisory - openSUSE-SU-2025:15386-1
https://notcve.org/view.php?id=CVE-2025-8038
22 Jul 2025 — This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1808979 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-8031 – firefox: thunderbird: Incorrect URL stripping in CSP reports
https://notcve.org/view.php?id=CVE-2025-8031
22 Jul 2025 — This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1. A flaw was found in Firefox and Thunderbird. • https://bugzilla.mozilla.org/show_bug.cgi?id=1971719 • CWE-276: Incorrect Default Permissions •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-8037 – openSUSE Security Advisory - openSUSE-SU-2025:15386-1
https://notcve.org/view.php?id=CVE-2025-8037
22 Jul 2025 — This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1964767 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-8028 – firefox: thunderbird: Large branch table could lead to truncated instruction
https://notcve.org/view.php?id=CVE-2025-8028
22 Jul 2025 — This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1. A flaw was found in Firefox and Thunderbird. • https://bugzilla.mozilla.org/show_bug.cgi?id=1971581 • CWE-1332: Improper Handling of Faults that Lead to Instruction Skips •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-54143
https://notcve.org/view.php?id=CVE-2025-54143
22 Jul 2025 — Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-8041 – openSUSE Security Advisory - openSUSE-SU-2025:15386-1
https://notcve.org/view.php?id=CVE-2025-8041
22 Jul 2025 — In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. These are all security issues fixed in the MozillaFirefox-141.0-1.1 package on the GA media of openSUSE Tumbleweed. •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-8042 – openSUSE Security Advisory - openSUSE-SU-2025:15386-1
https://notcve.org/view.php?id=CVE-2025-8042
22 Jul 2025 — Firefox for Android allowed a sandboxed iframe without the <code>allow-downloads</code> attribute to start downloads. These are all security issues fixed in the MozillaFirefox-141.0-1.1 package on the GA media of openSUSE Tumbleweed. •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2025-6433 – openSUSE Security Advisory - openSUSE-SU-2025:15325-1
https://notcve.org/view.php?id=CVE-2025-6433
24 Jun 2025 — This vulnerability affects Firefox < 140. ... This vulnerability affects Firefox < 140 and Thunderbird < 140. • https://bugzilla.mozilla.org/show_bug.cgi?id=1954033 • CWE-295: Improper Certificate Validation •