Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 5.0 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2011-3655
Mozilla Firefox 4.x up to and including 7.0 and Thunderbird 5.0 up to and including 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote malicious users to gain privileges via a crafted web site.
Mozilla Firefox 4.0.1
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0
2.1
CVSSv2
CVE-2003-1265
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
Netscape Navigator 7.0
Mozilla Mozilla 5.0
4.3
CVSSv2
CVE-2012-0455
Mozilla Firefox prior to 3.6.28 and 4.x up to and including 10.0, Firefox ESR 10.x prior to 10.0.3, Thunderbird prior to 3.1.20 and 5.0 up to and including 10.0, Thunderbird ESR 10.x prior to 10.0.3, and SeaMonkey prior to 2.8 do not properly restrict drag-and-drop operations on ...
Mozilla Firefox
Mozilla Firefox 4.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 9.0
Mozilla Firefox 6.0
Mozilla Firefox 7.0.1
Mozilla Firefox Esr 10.2
Mozilla Firefox Esr 10.1
Mozilla Firefox Esr 10.0
Mozilla Thunderbird
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
9.3
CVSSv2
CVE-2011-2993
The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x prior to 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote malicious users to bypass the Same Origin Poli...
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 5.0
Mozilla Seamonkey 2.0.10
Mozilla Seamonkey 2.0.6
Mozilla Seamonkey 2.0.1
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.1
Mozilla Seamonkey 2.0.5
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.4
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 2.0.2
Mozilla Seamonkey 2.0.11
Mozilla Seamonkey 2.0.9
Mozilla Seamonkey 2.0.7
10
CVSSv2
CVE-2011-2988
Buffer overflow in an unspecified string class in the WebGL shader implementation in Mozilla Firefox 4.x through 5, Thunderbird prior to 6, SeaMonkey 2.x prior to 2.3, and possibly other products allows remote malicious users to execute arbitrary code or cause a denial of service...
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.0.1
Mozilla Seamonkey 2.0.10
Mozilla Seamonkey 2.0.4
Mozilla Seamonkey 2.0.5
Mozilla Seamonkey 2.1
Mozilla Seamonkey 2.2
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 5.0
Mozilla Seamonkey 2.0.11
Mozilla Seamonkey 2.0.12
Mozilla Seamonkey 2.0.6
Mozilla Seamonkey 2.0.7
Mozilla Thunderbird
Mozilla Seamonkey 2.0.2
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.13
Mozilla Seamonkey 2.0.14
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 2.0.9
6.4
CVSSv2
CVE-2012-1950
The drag-and-drop implementation in Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 allows remote malicious users to spoof the address bar by canceling a page load.
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
4.3
CVSSv2
CVE-2012-1965
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not properly establish the security context of a feed: URL, which allows remote malicious users to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
Mozilla Firefox 4.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 9.0
Mozilla Firefox 11.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
4.3
CVSSv2
CVE-2012-1966
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted URL.
Mozilla Firefox 4.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 11.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 13.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
7.5
CVSSv2
CVE-2011-3671
Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x up to and including 8.0, Thunderbird 5.0 up to and including 8.0, and SeaMonkey prior to 2.6 allows remote malicious users to execute arbitrary code via vectors invo...
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0.2
Mozilla Seamonkey 1.1.16
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 2.0.6
Mozilla Seamonkey 2.0.5
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.5
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.18
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 2.0.8
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0
10
CVSSv2
CVE-2011-3660
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x up to and including 8.0, Thunderbird 5.0 up to and including 8.0, and SeaMonkey prior to 2.6 allow remote malicious users to cause a denial of service (memory corruption and application crash) or po...
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Seamonkey 1.1.16
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0.2
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0
Mozilla Seamonkey 2.0.6
Mozilla Seamonkey 2.0.5
Mozilla Seamonkey 1.0
Mozilla Seamonkey 2.0.12
Mozilla Seamonkey 1.1.5
Mozilla Seamonkey 2.0
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 2.1
Mozilla Seamonkey 2.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »