Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 1.2.1 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2004-0597
Multiple buffer overflows in libpng 1.2.5 and previous versions, as used in multiple products, allow remote malicious users to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tR...
Microsoft Windows Messenger 5.0
Greg Roelofs Libpng
Microsoft Msn Messenger 6.1
Microsoft Msn Messenger 6.2
Microsoft Windows Media Player 9
Microsoft Windows 98se
Microsoft Windows Me
3 EDB exploits
2 Github repositories
7.5
CVSSv2
CVE-2003-0594
Mozilla allows remote malicious users to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerabl...
Mozilla Mozilla 1.1
Mozilla Mozilla 1.4
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.4.2
Mozilla Mozilla 1.0
Mozilla Mozilla 1.3
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.2
Mozilla Mozilla 1.2.1
Mozilla Mozilla 1.0.2
6.8
CVSSv2
CVE-2011-4140
The CSRF protection mechanism in Django up to and including 1.2.7 and 1.3.x up to and including 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote malicious users to trigger unauthenticated forged requests via vect...
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.1.3
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
6.8
CVSSv2
CVE-2004-0191
Mozilla prior to 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
Mozilla Mozilla 0.9.2
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.6
Mozilla Mozilla 0.9.7
Mozilla Mozilla 1.0
Mozilla Mozilla 1.1
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.4
Mozilla Mozilla 0.9.4
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.2.1
Mozilla Mozilla 1.2
Mozilla Mozilla 1.5
Mozilla Mozilla 0.8
Mozilla Mozilla 0.9.48
Mozilla Mozilla 0.9.5
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.3
Mozilla Mozilla 0.9.3
Mozilla Mozilla 0.9.35
Mozilla Mozilla 0.9.8
6.4
CVSSv2
CVE-2005-4685
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote malicious users to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by ...
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5
Mozilla Firefox Preview Release
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 0.9.48
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.2
Mozilla Mozilla 1.4
Mozilla Mozilla 1.7.11
Mozilla Mozilla 1.7.12
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.9
Mozilla Mozilla 1.7
Mozilla Mozilla 1.8
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9
Mozilla Firefox 1.0.7
Mozilla Mozilla 0.9.35
5.8
CVSSv2
CVE-2011-4136
django.contrib.sessions in Django prior to 1.2.7 and 1.3.x prior to 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote malicious users to modify a session by triggering use of a key ...
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.1.3
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
5.1
CVSSv2
CVE-2009-2409
The Network Security Services (NSS) library prior to 3.12.3, as used in Firefox; GnuTLS prior to 2.6.4 and 2.7.4; OpenSSL 0.9.8 up to and including 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote malicious users to spoof certificates by us...
Mozilla Firefox
Mozilla Nss
Mozilla Nss 3.0
Mozilla Nss 3.2
Mozilla Nss 3.2.1
Mozilla Nss 3.3
Mozilla Nss 3.3.1
Mozilla Nss 3.3.2
Mozilla Nss 3.4
Mozilla Nss 3.4.1
Mozilla Nss 3.4.2
Mozilla Nss 3.4.3
Mozilla Nss 3.5
Mozilla Nss 3.6
Mozilla Nss 3.6.1
Mozilla Nss 3.7
Mozilla Nss 3.7.1
Mozilla Nss 3.7.2
Mozilla Nss 3.7.3
Mozilla Nss 3.7.5
Mozilla Nss 3.7.7
Mozilla Nss 3.8
5.1
CVSSv2
CVE-2004-0909
Mozilla Firefox before the Preview Release, Mozilla prior to 1.7.3, and Thunderbird prior to 0.8 may allow remote malicious users to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enableP...
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.3
Mozilla Mozilla 0.9.7
Mozilla Mozilla 0.9.8
Mozilla Mozilla 1.1
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 0.9.48
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.0
Mozilla Mozilla 1.2
Mozilla Mozilla 1.4
Mozilla Mozilla 1.7
Mozilla Thunderbird 0.5
Mozilla Thunderbird 0.6
Mozilla Mozilla 0.8
Mozilla Mozilla 0.9.2
Mozilla Mozilla 0.9.5
Mozilla Mozilla 0.9.6
Mozilla Mozilla 1.3
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.5.1
5
CVSSv2
CVE-2011-4137
The verify_exists functionality in the URLField implementation in Django prior to 1.2.7 and 1.3.x prior to 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote malicious users to cause a denial of service (resource consumpt...
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.1.3
5
CVSSv2
CVE-2011-4138
The verify_exists functionality in the URLField implementation in Django prior to 1.2.7 and 1.3.x prior to 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote m...
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.1.3
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »