Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.14.5 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0013
The default .htaccess scripts for Bugzilla 2.14.x prior to 2.14.5, 2.16.x prior to 2.16.2, and 2.17.x prior to 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote malicious users to ob...
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.16
6.8
CVSSv2
CVE-2013-1734
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x prior to 4.0.11; 4.1.x and 4.2.x prior to 4.2.7; and 4.3.x and 4.4.x prior to 4.4.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that co...
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.1
6.8
CVSSv2
CVE-2011-3667
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account se...
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.0.9
Mozilla Bugzilla 3.2.10
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.4.12
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.9
6.8
CVSSv2
CVE-2011-3668
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that create bug reports.
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.9
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.19.2
6.8
CVSSv2
CVE-2011-3669
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that upload attachments.
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.23
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.6\\+
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
6.8
CVSSv2
CVE-2011-0046
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla prior to 3.2.10, 3.4.x prior to 3.4.10, 3.6.x prior to 3.6.4, and 4.0.x prior to 4.0rc2 allow remote malicious users to hijack the authentication of arbitrary users for requests related to (1) adding a saved s...
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.2
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 4.0
Mozilla Bugzilla 2.19
5.8
CVSSv2
CVE-2009-0482
Cross-site request forgery (CSRF) vulnerability in Bugzilla prior to 3.2 prior to 3.2.1, 3.3 prior to 3.3.2, and other versions prior to 3.2 allows remote malicious users to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.2
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
5.8
CVSSv2
CVE-2009-0483
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 prior to 2.22.7, 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote malicious users to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cg...
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.18.7
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.22
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.4
5
CVSSv2
CVE-2014-1572
The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x up to and including 4.0.x prior to 4.0.15, 4.1.x and 4.2.x prior to 4.2.11, 4.3.x and 4.4.x prior to 4.4.6, and 4.5.x prior to 4.5.6 does not specify a scalar context for the realname...
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Fedoraproject Fedora 21
Mozilla Bugzilla 4.5.5
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.4.2
Mozilla Bugzilla 4.4.3
Mozilla Bugzilla 4.2.2
Mozilla Bugzilla 4.2.3
Mozilla Bugzilla 4.2.10
Mozilla Bugzilla 4.1
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 4.5.3
Mozilla Bugzilla 4.5.4
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.0.12
Mozilla Bugzilla 4.0.11
5
CVSSv2
CVE-2013-0786
The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x prior to 3.6.13 and 3.7.x and 4.0.x prior to 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote malicious users to discover private...
Mozilla Bugzilla
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.6.10
Mozilla Bugzilla 3.6.11
Mozilla Bugzilla 3.6.4
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.6.2
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 3.6.6
Mozilla Bugzilla 3.6.8
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.7
Mozilla Bugzilla 4.0
Mozilla Bugzilla 4.0.8
Mozilla Bugzilla 4.0.7
Mozilla Bugzilla 4.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »