Shodan
Vulnerabilities
Vulnerable Software
Mozilla:  >> Firefox  >> 107.0.1  Security Vulnerabilities
CVE-2025-13013
Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, and Firefox ESR < 115.30.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13014
Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, and Firefox ESR < 115.30.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13015
Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, and Firefox ESR < 115.30.
CVSS Score
3.4
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13016
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145 and Firefox ESR < 140.5.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13017
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145 and Firefox ESR < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-13018
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145 and Firefox ESR < 140.5.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-11-11
CVE-2025-11717
When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox < 144.
CVSS Score
9.1
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11718
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event This vulnerability affects Firefox < 144.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11720
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This vulnerability affects Firefox < 144.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-10-14
CVE-2025-11709
A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability affects Firefox < 144, Firefox ESR < 115.29, Firefox ESR < 140.4, Thunderbird < 144, and Thunderbird < 140.4.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved