Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.18.2 vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2005-2174
Bugzilla 2.17.x, 2.18 prior to 2.18.2, 2.19.x, and 2.20 prior to 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows malicious users to access information about the bug via buglist.cgi before MySQL replication is compl...
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.19.3
3.5
CVSSv2
CVE-2009-0481
Bugzilla 2.x prior to 2.22.7, 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and JavaScript attachments that are rendered by web browsers.
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18.9
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
5.8
CVSSv2
CVE-2009-0482
Cross-site request forgery (CSRF) vulnerability in Bugzilla prior to 3.2 prior to 3.2.1, 3.3 prior to 3.3.2, and other versions prior to 3.2 allows remote malicious users to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.2
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
5.8
CVSSv2
CVE-2009-0483
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 prior to 2.22.7, 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote malicious users to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cg...
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.18.7
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.22
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.4
4.3
CVSSv2
CVE-2009-3989
Bugzilla prior to 3.0.11, 3.2.x prior to 3.2.6, 3.4.x prior to 3.4.5, and 3.5.x prior to 3.5.3 does not block access to files and directories that are used by custom installations, which allows remote malicious users to obtain sensitive information via requests for (1) CVS/, (2) ...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.0.9
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.10
Mozilla Bugzilla 3.4
5
CVSSv2
CVE-2010-3764
The Old Charts implementation in Bugzilla 2.12 up to and including 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote malicious users to obtain sensitive information via a modified URL.
Mozilla Bugzilla 2.18.6\\+
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.20.2
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.9
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.2.6
5
CVSSv2
CVE-2010-2758
Bugzilla 2.17.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote malicious users to guess produ...
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.9
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.1.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.2.7
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.6
4.3
CVSSv2
CVE-2011-2381
CRLF injection vulnerability in Bugzilla 2.17.1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3 allows remote malicious users to inject arbitrary e-mail headers ...
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.18.5
5
CVSSv2
CVE-2013-0786
The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x prior to 3.6.13 and 3.7.x and 4.0.x prior to 4.0.10 generates different error messages for invalid product queries depending on whether a product exists, which allows remote malicious users to discover private...
Mozilla Bugzilla
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.0
Mozilla Bugzilla 3.6.10
Mozilla Bugzilla 3.6.11
Mozilla Bugzilla 3.6.4
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.6.2
Mozilla Bugzilla 3.6.3
Mozilla Bugzilla 3.6.6
Mozilla Bugzilla 3.6.8
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.7
Mozilla Bugzilla 4.0
Mozilla Bugzilla 4.0.8
Mozilla Bugzilla 4.0.7
Mozilla Bugzilla 4.0.4
7.5
CVSSv2
CVE-2010-4568
Bugzilla 2.14 up to and including 2.22.7; 3.0.x, 3.1.x, and 3.2.x prior to 3.2.10; 3.4.x prior to 3.4.10; 3.6.x prior to 3.6.4; and 4.0.x prior to 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote malicious users to obtain access to arbit...
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.18.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »