Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla gecko vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-30117
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agen...
Kaseya Vsa
7.5
CVSSv3
CVE-2017-5425
The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of "/private/var" that could expose personal or temporary data. This has been updated to not allow a...
Mozilla Firefox
Mozilla Thunderbird
5.3
CVSSv3
CVE-2017-5426
On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to ...
Mozilla Firefox
Mozilla Thunderbird
NA
CVE-2014-8643
Mozilla Firefox prior to 35.0 on Windows allows remote malicious users to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the OpenH264 plugin's process.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
1 Article
NA
CVE-2012-1952
The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 does not properly perform a cast of a frame varia...
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 13.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox 6.0
Mozilla Firefox 7.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
NA
CVE-2012-1953
The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allows remote malicious users to cause...
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 13.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox 6.0
Mozilla Firefox 7.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
NA
CVE-2012-1951
Use-after-free vulnerability in the nsSMILTimeValueSpec::IsEventBased function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allows rem...
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 13.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox 6.0
Mozilla Firefox 7.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
NA
CVE-2012-1954
Use-after-free vulnerability in the nsDocument::AdoptNode function in Mozilla Firefox 4.x up to and including 13.0, Firefox ESR 10.x prior to 10.0.6, Thunderbird 5.0 up to and including 13.0, Thunderbird ESR 10.x prior to 10.0.6, and SeaMonkey prior to 2.11 allows remote maliciou...
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 13.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox 6.0
Mozilla Firefox 7.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
NA
CVE-2011-3659
Use-after-free vulnerability in Mozilla Firefox prior to 3.6.26 and 4.x up to and including 9.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 9.0, and SeaMonkey prior to 2.7 might allow remote malicious users to execute arbitrary code via vectors related to incorrect A...
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.4
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
1 EDB exploit
2 Github repositories
NA
CVE-2011-3670
Mozilla Firefox prior to 3.6.26 and 4.x up to and including 6.0, Thunderbird prior to 3.1.18 and 5.0 up to and including 6.0, and SeaMonkey prior to 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote malicious users to obtain sensitive information by...
Mozilla Firefox 0.1
Mozilla Firefox 3.6.2
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 1.5
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 3.0.9
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.8
Mozilla Firefox 3.6.3
Mozilla Firefox 2.0.0.2
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 3.5.6
Mozilla Firefox 3.0.8
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »