Vulnerabilities > Mozilla
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-0510 | Unspecified vulnerability in Mozilla Thunderbird Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is described in CVE-2024-49040. | 6.5 |
| 2025-02-04 | CVE-2025-1009 | Use After Free vulnerability in Mozilla Firefox An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. | 9.8 |
| 2025-02-04 | CVE-2025-1010 | Use After Free vulnerability in Mozilla Firefox An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. | 8.8 |
| 2025-02-04 | CVE-2025-1011 | Unspecified vulnerability in Mozilla Firefox A bug in WebAssembly code generation could have lead to a crash. | 8.8 |
| 2025-02-04 | CVE-2025-1012 | Use After Free vulnerability in Mozilla Firefox A race during concurrent delazification could have led to a use-after-free. | 7.5 |
| 2025-02-04 | CVE-2025-1014 | Improper Certificate Validation vulnerability in Mozilla Firefox Certificate length was not properly checked when added to a certificate store. | 8.8 |
| 2025-02-04 | CVE-2025-1015 | Unspecified vulnerability in Mozilla Thunderbird The Thunderbird Address Book URI fields contained unsanitized links. | 5.4 |
| 2025-02-04 | CVE-2025-1016 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. | 9.8 |
| 2025-02-04 | CVE-2025-1017 | Out-of-bounds Write vulnerability in Mozilla Firefox Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. | 9.8 |
| 2025-02-04 | CVE-2025-1018 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. | 5.3 |