Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 10.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0751
A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
NA
CVE-2024-0753
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
NA
CVE-2024-0755
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox &l...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Debian Debian Linux 10.0
570
VMScore
CVE-2012-1950
The drag-and-drop implementation in Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 allows remote malicious users to spoof the address bar by canceling a page load.
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
383
VMScore
CVE-2012-1965
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not properly establish the security context of a feed: URL, which allows remote malicious users to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
Mozilla Firefox 4.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 9.0
Mozilla Firefox 11.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
383
VMScore
CVE-2012-1966
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted URL.
Mozilla Firefox 4.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 11.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 13.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
383
VMScore
CVE-2021-23968
If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affe...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2021-23969
As specified in the W3C Content Security Policy draft, when creating a violation report, "User agents need to ensure that the source file is the URL requested by the page, pre-redirects. If that’s not possible, user agents need to strip the URL down to an origin to avo...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2021-23973
When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed information about the resource. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
605
VMScore
CVE-2021-23978
Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Fire...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »