Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Firefox  >> 1.5.6  Security Vulnerabilities
CVE-2025-10535
Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-16
CVE-2025-10530
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 143 and Thunderbird 143.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-09-16
CVE-2025-10531
Mitigation bypass in the Web Compatibility: Tooling component. This vulnerability was fixed in Firefox 143 and Thunderbird 143.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-09-16
CVE-2025-6435
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and Thunderbird 140.
CVSS Score
8.1
EPSS Score
0.005
Published
2025-06-24
CVE-2025-6436
Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 140 and Thunderbird 140.
CVSS Score
8.1
EPSS Score
0.005
Published
2025-06-24
CVE-2025-49710
An integer overflow was present in `OrderedHashTable` used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-06-11
CVE-2025-49709
Certain canvas operations could have lead to memory corruption. This vulnerability was fixed in Firefox 139.0.4.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-06-11
CVE-2025-5272
Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
CVSS Score
7.3
EPSS Score
0.004
Published
2025-05-27
CVE-2025-5270
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-05-27
CVE-2025-5271
Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks. This vulnerability was fixed in Firefox 139 and Thunderbird 139.
CVSS Score
6.5
EPSS Score
0.003
Published
2025-05-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved