Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 3.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1028
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 prior to 3.6.2 and 3.7 prior to 3.7 alpha 3 allows remote malicious users to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as d...
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6
Mozilla Firefox 3.7
NA
CVE-2009-3010
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and previous versions do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS...
Mozilla Seamonkey 1.1.17
Mozilla Firefox 3.5
Mozilla Firefox
Mozilla Mozilla
Mozilla Firefox 3.7
Mozilla Firefox 3.6
NA
CVE-2009-3012
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Locatio...
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5
Mozilla Firefox 3.7
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.5
Mozilla Firefox
Mozilla Firefox 3.6
NA
CVE-2009-3014
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and previous versions do not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted remote malic...
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.9
Mozilla Mozilla 0.9.48
Mozilla Mozilla 0.9.35
Mozilla Mozilla 1.0
Mozilla Mozilla 0.9.8
Mozilla Mozilla 1.2
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.5
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.6
Mozilla Firefox 3.7
Mozilla Mozilla 0.8
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.7
Mozilla Mozilla 0.9.9
Mozilla Mozilla 1.1
Mozilla Mozilla 1.5.1
7.5
CVSSv3
CVE-2019-11719
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox &l...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
4.7
CVSSv3
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
5.3
CVSSv3
CVE-2020-6829
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been com...
Mozilla Firefox
4.7
CVSSv3
CVE-2020-12400
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
8.8
CVSSv3
CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
Mozilla Firefox
NA
CVE-2012-0441
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) prior to 3.13.4, as used in Firefox 4.x up to and including 12.0, Firefox ESR 10.x prior to 10.0.5, Thunderbird 5.0 up to and including 12.0, Thunderbird ESR 10.x prior to 10.0.5, and SeaMonkey p...
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0.1
Mozilla Thunderbird 10.0.1
Mozilla Thunderbird 10.0
Mozilla Thunderbird 10.0.4
Mozilla Thunderbird Esr 10.0.4
Mozilla Seamonkey
Mozilla Seamonkey 2.8
Mozilla Seamonkey 2.7
Mozilla Seamonkey 2.6.1
Mozilla Seamonkey 2.5
Mozilla Seamonkey 2.4
Mozilla Seamonkey 2.3
Mozilla Firefox 7.0
Mozilla Firefox 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »