Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 0.9 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
4.3
CVSSv2
CVE-2011-3656
Cross-site scripting (XSS) vulnerability in Mozilla Firefox prior to 3.6.24 and 4.x through 7 allows remote malicious users to inject arbitrary web script or HTML via vectors involving HTTP 0.9 errors, non-default ports, and content-sniffing.
Mozilla Firefox
7.5
CVSSv2
CVE-2015-0823
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox prior to 36.0, might allow remote malicious users to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, rela...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Opentype Sanitiser Project Opentype Sanitiser
Mozilla Firefox
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.12
Mozilla Firefox 3.5.11
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.14
6.8
CVSSv2
CVE-2015-0828
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox prior to 36.0, when a nonstandard memory allocator is used, allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScr...
Oracle Solaris 11.3
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox 3.6.28
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
6.8
CVSSv2
CVE-2015-0829
Buffer overflow in libstagefright in Mozilla Firefox prior to 36.0 allows remote malicious users to execute arbitrary code via a crafted MP4 video that is improperly handled during playback.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 33.0
Mozilla Firefox 32.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
1 Article
5
CVSSv2
CVE-2015-0830
The WebGL implementation in Mozilla Firefox prior to 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote malicious users to cause a denial of service (application crash) via crafted WebGL content.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.14
Mozilla Firefox 3.0.13
6.8
CVSSv2
CVE-2015-0831
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to execute arbitrary code or cause a denial of service (...
Mozilla Thunderbird
Mozilla Thunderbird 31.3
Mozilla Thunderbird 31.0
Mozilla Thunderbird 31.2
Mozilla Thunderbird 31.1.2
Mozilla Firefox 33.0
Mozilla Firefox 32.0
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
1 Article
5
CVSSv2
CVE-2015-0832
Mozilla Firefox prior to 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle malicious users to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and ...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.1
6.9
CVSSv2
CVE-2015-0833
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 on Windows, when the Maintenance Service is not used, allow local users to gain privileges via a Trojan horse DLL in (1) t...
Opensuse Evergreen 11.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.28
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.13
Mozilla Firefox 3.6.12
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5.14
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.19
Mozilla Firefox 3.0.18
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.1
Mozilla Firefox 33.0
4.3
CVSSv2
CVE-2015-0834
The WebRTC subsystem in Mozilla Firefox prior to 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle malicious users to discover credentials by spoofing a server and completing a brute-force at...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.15
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »