Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
epiphany vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-0238
The International Domain Name (IDN) support in Epiphany allows remote malicious users to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phish...
Gnome Epiphany
Mozilla Camino 0.8.5
Mozilla Mozilla
Omnigroup Omniweb 5
Opera Opera Browser
445
VMScore
CVE-2022-29536
In GNOME Epiphany prior to 41.4 and 42.x prior to 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Gnome Epiphany
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
517
VMScore
CVE-2019-6251
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.
Gnome Epiphany
Wpewebkit Wpe Webkit
Webkitgtk Webkitgtk
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Opensuse Leap 42.3
Opensuse Leap 15.0
668
VMScore
CVE-2015-6537
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote malicious users to execute arbitrary SQL commands via a crafted URL.
Epiphanyhealthdata Cardio Server 3.3
668
VMScore
CVE-2015-6538
The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote malicious users to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL.
Ephiphanyheathdata Cardio Server 4.1
Ephiphanyheathdata Cardio Server 4.0
Ephiphanyheathdata Cardio Server 3.3
436
VMScore
CVE-2008-5913
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote malicious users...
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.8
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6
Mozilla Seamonkey 2.0
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.15
Mozilla Seamonkey 1.1.16
Mozilla Seamonkey 1.1.7
890
VMScore
CVE-2010-1121
Mozilla Firefox 3.6.x prior to 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote malicious users to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interacti...
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6
516
VMScore
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6
Mozilla Firefox 3.0
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.14
828
VMScore
CVE-2010-1203
The JavaScript engine in Mozilla Firefox 3.6.x prior to 3.6.4 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
828
VMScore
CVE-2010-1196
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x prior to 3.5.10 and 3.6.x prior to 3.6.4, Thunderbird prior to 3.0.5, and SeaMonkey prior to 2.0.5 allows remote malicious users to execute arbitrary code via a DOM node with a long te...
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Seamonkey 2.0
Mozilla Seamonkey 1.1.18
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 2.0.1
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »