Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 3.5.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0180
Install/Filesystem.pm in Bugzilla 3.5.1 up to and including 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the ...
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
NA
CVE-2010-2470
Install/Filesystem.pm in Bugzilla 3.5.1 up to and including 3.6.1 and 3.7 up to and including 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files i...
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
NA
CVE-2009-3386
Template.pm in Bugzilla 3.3.2 up to and including 3.4.3 and 3.5 up to and including 3.5.1 allows remote malicious users to discover the alias of a private bug by reading the (1) Depends On or (2) Blocks field of a related bug.
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
NA
CVE-2009-3387
Bugzilla 3.3.1 up to and including 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote malicious users to obtain sensitive information via a request for a bug in oppo...
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.3.1
NA
CVE-2012-0465
Bugzilla 3.5.x and 3.6.x prior to 3.6.9, 3.7.x and 4.0.x prior to 4.0.6, and 4.1.x and 4.2.x prior to 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP header, which allows remote malicious users to bypass the lockout policy vi...
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 4.2
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 4.0.1
Mozilla Bugzilla 3.6.4
Mozilla Bugzilla 3.6.8
Mozilla Bugzilla 4.0.2
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 4.0.5
Mozilla Bugzilla 4.1.2
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.6.6
Mozilla Bugzilla 4.0.3
Mozilla Bugzilla 4.0.4
Mozilla Bugzilla 3.6.5
NA
CVE-2012-0440
Cross-site request forgery (CSRF) vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x prior to 3.6.8, 3.7.x and 4.0.x prior to 4.0.4, and 4.1.x and 4.2.x prior to 4.2rc2 allows remote malicious users to hijack the authentication of arbitrary users for requests that use the J...
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.6.4
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.6.6
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.2
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 4.0.1
Mozilla Bugzilla 4.0
Mozilla Bugzilla 4.0.2
Mozilla Bugzilla 4.0.3
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5
Mozilla Bugzilla 4.1.1
NA
CVE-2010-1204
Search.pm in Bugzilla 2.17.1 up to and including 3.2.6, 3.3.1 up to and including 3.4.6, 3.5.1 up to and including 3.6, and 3.7 allows remote malicious users to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart searc...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.0.6
NA
CVE-2010-2759
Bugzilla 2.23.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticate...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.23.4
NA
CVE-2010-2757
The sudo feature in Bugzilla 2.22rc1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to imperson...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.22.6
NA
CVE-2010-2756
Search.pm in Bugzilla 2.19.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 allows remote malicious users to determine the group memberships of arbitrary users via vectors involving the Search interfa...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 2.20.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »