Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 1.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-2714
The BrowserID (Mozilla Persona) module 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of arbitrary users via the audience identifier.
Browserid Project Browserid 7.x-1.0
Browserid Project Browserid 7.x-1.1
Browserid Project Browserid 7.x-1.2
7.5
CVSSv2
CVE-2016-1978
Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) prior to 3.21, as used in Mozilla Firefox prior to 44.0, allows remote malicious users to cause a denial of service or possibly have unspecified other impact b...
Mozilla Firefox
Mozilla Network Security Services
7.5
CVSSv2
CVE-2003-0594
Mozilla allows remote malicious users to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerabl...
Mozilla Mozilla 1.1
Mozilla Mozilla 1.4
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.4.2
Mozilla Mozilla 1.0
Mozilla Mozilla 1.3
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.2
Mozilla Mozilla 1.2.1
Mozilla Mozilla 1.0.2
6.8
CVSSv2
CVE-2016-1950
Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 da...
Mozilla Network Security Services 3.21
Mozilla Network Security Services 3.19.2
Mozilla Network Security Services 3.20
Mozilla Network Security Services 3.20.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Oracle Linux 5.0
Oracle Vm Server 3.2
Oracle Linux 7
Oracle Linux 6
6.8
CVSSv2
CVE-2012-2713
Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that login a user to another web site.
Browserid Project Browserid 7.x-1.1
Browserid Project Browserid 7.x-1.2
6.8
CVSSv2
CVE-2011-4140
The CSRF protection mechanism in Django up to and including 1.2.7 and 1.3.x up to and including 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote malicious users to trigger unauthenticated forged requests via vect...
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.1.3
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
6.8
CVSSv2
CVE-2009-1194
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango prior to 1.24 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-bas...
Pango Pango 1.6
Pango Pango 1.14
Pango Pango 1.16
Pango Pango 1.8
Pango Pango 1.4
Pango Pango
Pango Pango 1.10
Pango Pango 1.2
Pango Pango 1.18
Pango Pango 1.12
Pango Pango 1.20
3 Github repositories
6.8
CVSSv2
CVE-2009-0040
The PNG reference library (aka libpng) prior to 1.0.43, and 1.2.x prior to 1.2.35, as used in pngcrush and other applications, allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that ...
Libpng Libpng
Apple Iphone Os
Apple Mac Os X
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise 10.0
Suse Linux Enterprise 9.0
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Fedoraproject Fedora 10
Fedoraproject Fedora 9
6.8
CVSSv2
CVE-2004-0191
Mozilla prior to 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
Mozilla Mozilla 0.9.2
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.6
Mozilla Mozilla 0.9.7
Mozilla Mozilla 1.0
Mozilla Mozilla 1.1
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.4
Mozilla Mozilla 0.9.4
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.2.1
Mozilla Mozilla 1.2
Mozilla Mozilla 1.5
Mozilla Mozilla 0.8
Mozilla Mozilla 0.9.48
Mozilla Mozilla 0.9.5
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.3
Mozilla Mozilla 0.9.3
Mozilla Mozilla 0.9.35
Mozilla Mozilla 0.9.8
6.4
CVSSv2
CVE-2016-1938
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) prior to 3.21, as used in Mozilla Firefox prior to 44.0, improperly divides numbers, which might make it easier for remote malicious users to defeat cryptographic protection mechanisms by lev...
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Mozilla Nss
Mozilla Firefox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »