Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2017-7774
Out-of-bounds read in Graphite2 Library in Firefox prior to 54 in graphite2::Silf::readGraphite function.
Mozilla Firefox
Sil Graphite2
8.8
CVSSv3
CVE-2018-5123
A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions before 4.4.
Mozilla Bugzilla
8.8
CVSSv3
CVE-2017-7773
Heap-based Buffer Overflow write in Graphite2 library in Firefox prior to 54 in lz4::decompress src/Decompressor.
Mozilla Firefox
Sil Graphite2
8.8
CVSSv3
CVE-2017-7777
Use of uninitialized memory in Graphite2 library in Firefox prior to 54 in graphite2::GlyphCache::Loader::read_glyph function.
Sil Graphite2
Mozilla Firefox
8.8
CVSSv3
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox prior to 54 in lz4::decompress function.
Mozilla Firefox
Sil Graphite2
8.1
CVSSv3
CVE-2017-7771
Out-of-bounds read in Graphite2 Library in Firefox prior to 54 in graphite2::Pass::readPass function.
Mozilla Firefox
Sil Graphite2
8.1
CVSSv3
CVE-2017-7776
Heap-based Buffer Overflow read in Graphite2 library in Firefox prior to 54 in graphite2::Silf::getClassGlyph.
Sil Graphite2
Mozilla Firefox
7.5
CVSSv3
CVE-2019-15903
In libexpat prior to 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Libexpat Project Libexpat
Python Python
6.1
CVSSv3
CVE-2016-2803
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 up to and including 4.4.11, and 4.5.1 up to and including 5.0.2 allows remote malicious users to inject arbitrary web script or HTML.
Mozilla Bugzilla 5.0
Mozilla Bugzilla 4.5.1
Mozilla Bugzilla 4.2.5
Mozilla Bugzilla 4.2.6
Mozilla Bugzilla 4.3.3
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.5
Mozilla Bugzilla 4.4.6
Mozilla Bugzilla 3.1.4
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4.13
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.4.9
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.10
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.6
5.9
CVSSv3
CVE-2018-12384
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.39. This does not impact T...
Mozilla Network Security Services
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »