Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpcom xpcom vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-2414
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote malicious users to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part o...
Xpcom Xpcom
1 EDB exploit
NA
CVE-2006-3113
Mozilla Firefox 1.5 prior to 1.5.0.5, Thunderbird prior to 1.5.0.5, and SeaMonkey prior to 1.0.3 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a wa...
Mozilla Seamonkey 1.0.1
Mozilla Firefox 1.5.0.3
Mozilla Seamonkey 1.0
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.2
Mozilla Thunderbird 1.5
Mozilla Thunderbird 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.1
Mozilla Thunderbird 1.5.0.4
9.8
CVSSv3
CVE-2005-2354
Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues.
Nvu Nvu 0.99
NA
CVE-2005-1155
The favicon functionality in Firefox prior to 1.0.3 and Mozilla Suite prior to 1.7.7 allows remote malicious users to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking."
Mozilla Firefox 0.8
Mozilla Mozilla 1.7
Mozilla Mozilla 1.5
Mozilla Firefox 1.0.2
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.7.5
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
Mozilla Mozilla 1.6
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.3
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Mozilla 1.4
Mozilla Mozilla 1.7.6
Mozilla Mozilla 1.7.1
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Firefox 0.9.2
Mozilla Mozilla 1.7.2
Mozilla Firefox 0.10
Mozilla Mozilla 1.7.3
NA
CVE-2010-0220
The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox prior to 3.5.7 allows remote malicious users to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory al...
Mozilla Firefox 0.1
Mozilla Firefox 0.8
Mozilla Firefox 1.5
Mozilla Firefox 3.5.3
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.8
Mozilla Firefox 2.0.0.2
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.5
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 2.0.0.7
Mozilla Firefox 1.0.7
NA
CVE-2015-7221
Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox prior to 43.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.
Mozilla Firefox
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2009-3374
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x prior to 3.0.15 and 3.5.x prior to 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows rem...
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.11
8.8
CVSSv3
CVE-2023-25732
When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 1...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
NA
CVE-2005-1477
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when combined with vulnerabili...
Mozilla Firefox 1.0.3
1 EDB exploit
NA
CVE-2005-2704
Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12 allows remote malicious users to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
Mozilla Firefox 1.0.2
Mozilla Firefox
Mozilla Mozilla Suite
Mozilla Mozilla Suite 1.7.10
Mozilla Firefox 1.0.4
Mozilla Mozilla Suite 1.7.8
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.3
Mozilla Mozilla Suite 1.7.7
Mozilla Mozilla Suite 1.7.6
Mozilla Firefox 1.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »