Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nss vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2006-4569
The popup blocker in Mozilla Firefox prior to 1.5.0.7 opens the "blocked popups" display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted malicious users to conduct cross-site...
Mozilla Firefox
383
VMScore
CVE-2007-0800
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote malicious users to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup.
Mozilla Firefox 1.5.0.9
383
VMScore
CVE-2007-0995
Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote malicious users to bypass content filters that use regular expressions.
Mozilla Firefox 2.0.0.1
Mozilla Seamonkey
Mozilla Firefox 1.5.0.10
Mozilla Firefox 2.0
570
VMScore
CVE-2007-0779
GUI overlay vulnerability in Mozilla Firefox 1.5.x prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 allows remote malicious users to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a l...
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9 Rc
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0
Mozilla Firefox 0.8
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.8
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
231
VMScore
CVE-2006-4567
Mozilla Firefox prior to 1.5.0.7 and Thunderbird prior to 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted malicious users to use DNS spoofing to trick users into visiting a malicious site and...
Mozilla Firefox
Mozilla Thunderbird
642
VMScore
CVE-2015-5277
The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) prior to 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Gnu Glibc
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
605
VMScore
CVE-2007-0780
browser.js in Mozilla Firefox 1.5.x prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 uses the requesting URI to identify child windows, which allows remote malicious users to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
481
VMScore
CVE-2007-0778
The page cache feature in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote malicious users to obtain sensitive information or enab...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 5.10
Debian Debian Linux 3.1
516
VMScore
CVE-2007-0996
The child frames in Mozilla Firefox prior to 1.5.0.10 and 2.x prior to 2.0.0.2, and SeaMonkey prior to 1.0.8 inherit the default charset from the parent window, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 char...
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.6
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.5.0.8
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.7
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.9
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
445
VMScore
CVE-2006-6077
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and previous versions; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for...
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
Mozilla Firefox
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.2
Mozilla Firefox 2.0
Netscape Navigator 8.1.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »