Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
epiphany vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) up to and including 3.28.2.1 allows remote malicious users to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
Gnome Epiphany
1 Github repository
7.5
CVSSv3
CVE-2017-1000025
GNOME Web (Epiphany) 3.23 prior to 3.23.5, 3.22 prior to 3.22.6, 3.20 prior to 3.20.7, 3.18 prior to 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
Gnome Epiphany 3.23.1.2
Gnome Epiphany 3.18.0
Gnome Epiphany 3.18.1
Gnome Epiphany 3.18.4
Gnome Epiphany 3.18.6
Gnome Epiphany 3.20.0
Gnome Epiphany 3.20.2
Gnome Epiphany 3.20.4
Gnome Epiphany 3.22.2
Gnome Epiphany 3.22.4
Gnome Epiphany 3.18.2
Gnome Epiphany 3.20.5
Gnome Epiphany 3.20.6
Gnome Epiphany 3.22.0
Gnome Epiphany 3.22.1
Gnome Epiphany 3.18.7
Gnome Epiphany 3.18.8
Gnome Epiphany 3.18.9
Gnome Epiphany 3.18.10
Gnome Epiphany 3.23.1
Gnome Epiphany 3.23.2
Gnome Epiphany 3.23.3
9.8
CVSSv3
CVE-2015-6537
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote malicious users to execute arbitrary SQL commands via a crafted URL.
Epiphanyhealthdata Cardio Server 3.3
9.8
CVSSv3
CVE-2015-6538
The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote malicious users to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL.
Ephiphanyheathdata Cardio Server 4.1
Ephiphanyheathdata Cardio Server 4.0
Ephiphanyheathdata Cardio Server 3.3
NA
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle malicious users to spoof arbitrary https web sites via a crafted ...
Gnome Epiphany 2.28
Gnome Epiphany 2.29
NA
CVE-2010-2751
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to spoof the SSL security status of a document via vectors involving multi...
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.6
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.3
NA
CVE-2010-2752
Integer overflow in an array class in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code by placing many Cascading Style Sh...
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Thunderbird 3.1
Mozilla Thunderbird 3.0
Mozilla Thunderbird 3.0.1
Mozilla Thunderbird 3.0.4
Mozilla Thunderbird 3.0.5
Mozilla Thunderbird 3.0.2
Mozilla Thunderbird 3.0.3
Mozilla Seamonkey 1.0.5
1 EDB exploit
8.8
CVSSv3
CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code via a large selection attribute in a XUL tree elemen...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird 3.1
Mozilla Thunderbird
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 11
NA
CVE-2010-1207
Mozilla Firefox prior to 3.6.7 and Thunderbird prior to 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote malicious users to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.4
Mozilla Firefox
Mozilla Firefox 3.6.3
Mozilla Thunderbird
8.8
CVSSv3
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »