CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-54144
https://notcve.org/view.php?id=CVE-2025-54144
19 Aug 2025 — The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS < 141. El esquema de URL utilizado por Firefox para facilitar la búsqueda de consultas de texto podría permitir incorrectamente a los atacantes abrir URL de sitios web arbitrarios o páginas internas si un usuario fue engañado para hacer clic en un enlace. Esta vulnerabili... • https://bugzilla.mozilla.org/show_bug.cgi?id=1946062 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-54143
https://notcve.org/view.php?id=CVE-2025-54143
19 Aug 2025 — Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141. Los iframes de la sandbox en páginas web podrían permitir descargas al dispositivo, eludiendo las restricciones de espacio aislado esperadas declaradas en la página principal. Esta vulnerabilidad afecta a Firefox para iOS < 141. • https://bugzilla.mozilla.org/show_bug.cgi?id=1912671 • CWE-693: Protection Mechanism Failure •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-8364
https://notcve.org/view.php?id=CVE-2025-8364
19 Aug 2025 — A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 141. Una URL manipulada con un blob: URI podría haber ocultado el verdadero origen de la página, lo que podría provocar un ataque de suplantación de identidad. *Nota: Este problema solo afecta a los sistemas operativos Android. Los demás sistemas operati... • https://bugzilla.mozilla.org/show_bug.cgi?id=1909609 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-9184 – Memory safety bugs fixed in Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
https://notcve.org/view.php?id=CVE-2025-9184
19 Aug 2025 — Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2. Errores de seguridad de memoria presentes en Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 y Thunderbird 141. Algunos de estos errores... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1929482%2C1976376%2C1979163%2C1979955 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-9187 – Memory safety bugs fixed in Firefox 142 and Thunderbird 142
https://notcve.org/view.php?id=CVE-2025-9187
19 Aug 2025 — Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird < 142. Errores de seguridad de memoria presentes en Firefox 141 y Thunderbird 141. Algunos de estos errores mostraron evidencia de corrupción de memoria y presumimos que, con suficiente esfuerzo, algunos de ellos podrían haberse explo... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1825621%2C1970079%2C1976736%2C1979072 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-9183 – Spoofing issue in the Address Bar component
https://notcve.org/view.php?id=CVE-2025-9183
19 Aug 2025 — Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2. Problema de suplantación de identidad en la barra de direcciones. Esta vulnerabilidad afecta a Firefox (versión anterior a 142) y Firefox (versión anterior a 140.2). These are all security issues fixed in the MozillaFirefox-142.0.1-1.1 package on the GA media of openSUSE Tumbleweed. • https://bugzilla.mozilla.org/show_bug.cgi?id=1976102 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-9182 – Denial-of-service due to out-of-memory in the Graphics: WebRender component
https://notcve.org/view.php?id=CVE-2025-9182
19 Aug 2025 — 'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2. Denegación de servicio debido a falta de memoria en el componente Gráficos: WebRender. Esta vulnerabilidad afecta a Firefox (versión anterior a 142), Firefox ESR (versión anterior a 140.2), Thunderbird (versión anterior a 142) y Thunderbird (versión anterior a 140.2). Denial-of-service due to out-of-memory in the Graphics: W... • https://bugzilla.mozilla.org/show_bug.cgi?id=1975837 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-9186 – Spoofing issue in the Address Bar component of Firefox Focus for Android
https://notcve.org/view.php?id=CVE-2025-9186
19 Aug 2025 — Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox < 142. Problema de suplantación de identidad en la barra de direcciones de Firefox Focus para Android. Esta vulnerabilidad afecta a Firefox (versión anterior a la 142). These are all security issues fixed in the MozillaFirefox-142.0.1-1.1 package on the GA media of openSUSE Tumbleweed. • https://bugzilla.mozilla.org/show_bug.cgi?id=1445758 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-9185 – Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
https://notcve.org/view.php?id=CVE-2025-9185
19 Aug 2025 — Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2. Errores de s... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1970154%2C1976782%2C1977166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-9181 – Uninitialized memory in the JavaScript Engine component
https://notcve.org/view.php?id=CVE-2025-9181
19 Aug 2025 — Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2. Memoria sin inicializar en el componente JavaScript Engine. Esta vulnerabilidad afecta a Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14 y Thunderbird < 140.2. A flaw was found in Thunderbird and Firefox. • https://bugzilla.mozilla.org/show_bug.cgi?id=1977130 • CWE-457: Use of Uninitialized Variable CWE-665: Improper Initialization •