CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2025-1011 – firefox: thunderbird: A bug in WebAssembly code generation could result in a crash
https://notcve.org/view.php?id=CVE-2025-1011
04 Feb 2025 — This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. • https://bugzilla.mozilla.org/show_bug.cgi?id=1936454 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2025-1010 – firefox: thunderbird: Use-after-free in Custom Highlight
https://notcve.org/view.php?id=CVE-2025-1010
04 Feb 2025 — This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. Multiple security issues were discovered in Firefox. ... Ivan Fratric discovered that Firefox did not properly handle XSLT data, leading to a use-after-free vulnerability. • https://bugzilla.mozilla.org/show_bug.cgi?id=1936982 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 1CVE-2025-1009 – firefox: thunderbird: Use-after-free in XSLT
https://notcve.org/view.php?id=CVE-2025-1009
04 Feb 2025 — This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. A flaw was found in Firefox. ... Multiple security issues were discovered in Firefox. ... Ivan Fratric discovered that Firefox did not properly handle XSLT data, leading to a use-after-free vulnerability. • https://packetstorm.news/files/id/189614 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-0247 – Gentoo Linux Security Advisory 202501-10
https://notcve.org/view.php?id=CVE-2025-0247
07 Jan 2025 — Memory safety bugs present in Firefox 133 and Thunderbird 133. ... This vulnerability affects Firefox < 134. Memory safety bugs present in Firefox 133 and Thunderbird 133. ... This vulnerability affects Firefox < 134 and Thunderbird < 134. Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173 •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2025-0242 – firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6
https://notcve.org/view.php?id=CVE-2025-0242
07 Jan 2025 — Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. ... This vulnerability affects Firefox < 134, Firefox ESR < 128.6, and Firefox ESR < 115.19. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 31EXPL: 0CVE-2025-0240 – firefox: Compartment mismatch when parsing JavaScript JSON module
https://notcve.org/view.php?id=CVE-2025-0240
07 Jan 2025 — This vulnerability affects Firefox < 134 and Firefox ESR < 128.6. ... This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. A flaw was found in Firefox. ... Multiple security issues were discovered in Firefox. ... Irvan Kurniawan discovered that Firefox incorrectly handled memory when breaking lines in text, leading to a use-after-free vulnerability. • https://bugzilla.mozilla.org/show_bug.cgi?id=1929623 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-11705 – Ubuntu Security Notice USN-7134-1
https://notcve.org/view.php?id=CVE-2024-11705
26 Nov 2024 — This vulnerability affects Firefox < 133 and Thunderbird < 133. Multiple security issues were discovered in Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1921768 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-11698
https://notcve.org/view.php?id=CVE-2024-11698
26 Nov 2024 — .* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. • https://bugzilla.mozilla.org/show_bug.cgi?id=1916152 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2024-11704 – Gentoo Linux Security Advisory 202501-10
https://notcve.org/view.php?id=CVE-2024-11704
26 Nov 2024 — This vulnerability affects Firefox < 133 and Thunderbird < 133. ... This vulnerability affects Firefox < 133, Thunderbird < 133, Firefox ESR < 128.7, and Thunderbird < 128.7. Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution. • https://bugzilla.mozilla.org/show_bug.cgi?id=1899402 • CWE-415: Double Free •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-11693
https://notcve.org/view.php?id=CVE-2024-11693
26 Nov 2024 — .* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. • https://bugzilla.mozilla.org/show_bug.cgi?id=1921458 •