Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 1.7.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-25315
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in storeRawNames.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) prior to 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
2.6
CVSSv2
CVE-2019-7317
png_image_free in png.c in libpng 1.6.x prior to 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Libpng Libpng
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Java Se 8u212
Oracle Java Se 7u221
Oracle Mysql
Oracle Hyperion Infrastructure Technology 11.2.6.0
Hpe Xp7 Command View Advanced Edition Suite
Hp Xp7 Command View
Mozilla Thunderbird -
Mozilla Firefox Esr -
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Package Hub -
Netapp Cloud Backup -
7.5
CVSSv2
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
9.3
CVSSv2
CVE-2012-3993
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox prior to 16.0, Firefox ESR 10.x prior to 10.0.8, Thunderbird prior to 16.0, Thunderbird ESR 10.x prior to 10.0.8, and SeaMonkey prior to 2.13 does not properly interact with failures of InstallTrigger methods, whic...
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.6
Mozilla Firefox Esr 10.0.7
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Thunderbird Esr 10.0.5
Mozilla Thunderbird Esr 10.0.6
Mozilla Thunderbird Esr 10.0.7
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
1 EDB exploit
6.9
CVSSv2
CVE-2012-3974
Untrusted search path vulnerability in the installer in Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, Thunderbird prior to 15.0, and Thunderbird ESR 10.x prior to 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a ro...
Mozilla Firefox 11.0
Mozilla Firefox 10.0.2
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 4.0
Mozilla Firefox 3.6.23
Mozilla Firefox 3.0
Mozilla Firefox 3.6.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.6.17
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.21
Mozilla Firefox 3.0.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.6
Mozilla Firefox 2.0.0.17
4.3
CVSSv2
CVE-2012-3975
The DOMParser component in Mozilla Firefox prior to 15.0, Thunderbird prior to 15.0, and SeaMonkey prior to 2.12 loads subresources during parsing of text/html data within an extension, which allows remote malicious users to obtain sensitive information by providing crafted data ...
Mozilla Firefox 12.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.18
Mozilla Firefox 3.0.16
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.20
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.12
Mozilla Firefox 3.6.15
Mozilla Firefox 3.0.13
Mozilla Firefox 3.5.3
Mozilla Firefox 13.0
Mozilla Firefox
6.8
CVSSv2
CVE-2012-3978
The nsLocation::CheckURL function in Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, Thunderbird prior to 15.0, Thunderbird ESR 10.x prior to 10.0.7, and SeaMonkey prior to 2.12 does not properly follow the security model of the location object, which allows remo...
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.6
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
Mozilla Thunderbird Esr 10.0.5
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.6
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Firefox 13.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0
Mozilla Firefox 4.0
Mozilla Firefox 12.0
Mozilla Firefox 11.0
9.3
CVSSv2
CVE-2012-3980
The web console in Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, Thunderbird prior to 15.0, and Thunderbird ESR 10.x prior to 10.0.7 allows user-assisted remote malicious users to execute arbitrary JavaScript code with chrome privileges via a crafted web site t...
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.6
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox
Mozilla Firefox 12.0
Mozilla Firefox 9.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.12
Mozilla Firefox 3.6.8
Mozilla Firefox 3.5.8
Mozilla Firefox 10.0.2
Mozilla Firefox 10.0
Mozilla Firefox 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »