Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla gecko vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
5.3
CVSSv3
CVE-2017-5426
On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to ...
Mozilla Firefox
Mozilla Thunderbird
7.5
CVSSv3
CVE-2017-5425
The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow a...
Mozilla Firefox
Mozilla Thunderbird
NA
CVE-2014-8643
Mozilla Firefox prior to 35.0 on Windows allows remote malicious users to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
1 Article
NA
CVE-2012-1951
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allows rem...
Mozilla Firefox 4.0.1
Mozilla Firefox 4.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox 12.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
NA
CVE-2012-1952
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 does not properly perform a cast of a frame varia...
Mozilla Firefox 4.0
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox 5.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
NA
CVE-2012-1953
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allows remote malicious users to cause...
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 11.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
NA
CVE-2012-1954
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allows remote maliciou...
Mozilla Firefox 4.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 9.0
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
NA
CVE-2012-0449
Mozilla Firefox prior to 3.6.26 and 4.x up to and including 9.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitra...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
NA
CVE-2012-0442
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 3.6.26 and 4.x up to and including 9.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 allow remote malicious users to cause a denial of service (memory...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »