Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Firefox — Vulnerabilities & Security Advisories 1233

All 1233 CVE vulnerabilities found in Firefox, with AI-generated Chinese analysis, references, and POCs.

Vendor: Mozilla

CVE IDTitleCVSSSeverityPublished
CVE-2025-2857 Incorrect handle could lead to sandbox escapes 9.6AICriticalAI2025-03-27
CVE-2025-1943 Memory safety bugs fixed in Firefox 136 and Thunderbird 136 9.8 -2025-03-04
CVE-2025-1938 Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 9.8 -2025-03-04
CVE-2025-1937 Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 9.8 -2025-03-04
CVE-2025-1935 Clickjacking the registerProtocolHandler info-bar 7.1 -2025-03-04
CVE-2025-1942 Disclosure of uninitialized memory when .toUpperCase() causes string to get longer --2025-03-04
CVE-2025-1936 Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents 7.5 -2025-03-04
CVE-2025-1934 Unexpected GC during RegExp bailout processing 6.5 -2025-03-04
CVE-2025-1941 Lock screen setting bypass in Firefox Focus for Android 9.8 -2025-03-04
CVE-2025-1940 Android Intent confirmation prompt tapjacking using Select options 4.3 -2025-03-04
CVE-2025-1932 Inconsistent comparator in XSLT sorting led to out-of-bounds access 8.8 -2025-03-04
CVE-2025-1933 JIT corruption of WASM i32 return values on 64-bit CPUs 8.1 -2025-03-04
CVE-2025-1931 Use-after-free in WebTransportChild 9.8 -2025-03-04
CVE-2025-1939 Tapjacking in Android Custom Tabs using transition animations 6.5 -2025-03-04
CVE-2025-1930 AudioIPC StreamData could trigger a use-after-free in the Browser process 10.0 -2025-03-04
CVE-2025-1414 Memory safety bugs fixed in Firefox 135.0.1 9.8 -2025-02-18
CVE-2025-1017 Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7 9.8 -2025-02-04
CVE-2025-1020 Memory safety bugs fixed in Firefox 135 and Thunderbird 135 9.8 -2025-02-04
CVE-2025-1016 Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird 128.7 9.8 -2025-02-04
CVE-2025-1014 Certificate length was not properly checked 8.1 -2025-02-04
CVE-2025-1013 Potential opening of private browsing tabs in normal browsing windows 5.9 -2025-02-04
CVE-2025-1019 Fullscreen notification not properly displayed 5.3 -2025-02-04
CVE-2025-1012 Use-after-free during concurrent delazification 8.1 -2025-02-04
CVE-2025-1011 A bug in WebAssembly code generation could result in a crash 8.8 -2025-02-04
CVE-2025-1018 Fullscreen notification is not displayed when fullscreen is re-requested 3.1 -2025-02-04
CVE-2025-1010 Use-after-free in Custom Highlight 9.8 -2025-02-04
CVE-2025-1009 Use-after-free in XSLT 9.8 -2025-02-04
CVE-2025-0247 Memory safety bugs fixed in Firefox 134 and Thunderbird 134 9.8 -2025-01-07
CVE-2025-0240 Compartment mismatch when parsing JavaScript JSON module 8.8 -2025-01-07
CVE-2025-0243 Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 9.8 -2025-01-07

All 1233 known CVE vulnerabilities affecting Firefox with full Chinese analysis, references, and POCs where available.