Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-15903
In libexpat prior to 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Libexpat Project Libexpat
Python Python
6.8
CVSSv2
CVE-2018-5123
A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions before 4.4.
Mozilla Bugzilla
4.3
CVSSv2
CVE-2018-12384
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact T...
Mozilla Network Security Services
1 Github repository
5
CVSSv2
CVE-2019-9797
Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.
Mozilla Firefox
5.8
CVSSv2
CVE-2017-7771
Out-of-bounds read in Graphite2 Library in Firefox prior to 54 in graphite2::Pass::readPass function.
Mozilla Firefox
Sil Graphite2
6.8
CVSSv2
CVE-2017-7773
Heap-based Buffer Overflow write in Graphite2 library in Firefox prior to 54 in lz4::decompress src/Decompressor.
Mozilla Firefox
Sil Graphite2
6.4
CVSSv2
CVE-2017-7774
Out-of-bounds read in Graphite2 Library in Firefox prior to 54 in graphite2::Silf::readGraphite function.
Mozilla Firefox
Sil Graphite2
5.8
CVSSv2
CVE-2017-7776
Heap-based Buffer Overflow read in Graphite2 library in Firefox prior to 54 in graphite2::Silf::getClassGlyph.
Sil Graphite2
Mozilla Firefox
6.8
CVSSv2
CVE-2017-7777
Use of uninitialized memory in Graphite2 library in Firefox prior to 54 in graphite2::GlyphCache::Loader::read_glyph function.
Sil Graphite2
Mozilla Firefox
NA
CVE-2017-7775
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »