Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox esr 10.0 vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2012-1939
jsinfer.cpp in Mozilla Firefox ESR 10.x prior to 10.0.5 and Thunderbird ESR 10.x prior to 10.0.5 does not properly determine data types, which allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code v...
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
383
VMScore
CVE-2012-0455
Mozilla Firefox prior to 3.6.28 and 4.x up to and including 10.0, Firefox ESR 10.x prior to 10.0.3, Thunderbird prior to 3.1.20 and 5.0 up to and including 10.0, Thunderbird ESR 10.x prior to 10.0.3, and SeaMonkey prior to 2.8 do not properly restrict drag-and-drop operations on ...
Mozilla Firefox
Mozilla Firefox 4.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 9.0
Mozilla Firefox 6.0
Mozilla Firefox 7.0.1
Mozilla Firefox Esr 10.2
Mozilla Firefox Esr 10.1
Mozilla Firefox Esr 10.0
Mozilla Thunderbird
Mozilla Thunderbird 5.0
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
570
VMScore
CVE-2012-1950
The drag-and-drop implementation in Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 allows remote malicious users to spoof the address bar by canceling a page load.
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
383
VMScore
CVE-2012-1965
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not properly establish the security context of a feed: URL, which allows remote malicious users to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
Mozilla Firefox 4.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 9.0
Mozilla Firefox 11.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
383
VMScore
CVE-2012-1966
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted URL.
Mozilla Firefox 4.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 11.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 13.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
NA
CVE-2024-0741
An out of bounds write in ANGLE could have allowed an malicious user to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
NA
CVE-2024-0742
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
NA
CVE-2024-0746
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
NA
CVE-2024-0747
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
NA
CVE-2024-0749
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »