Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 24.1.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-1559
Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 allow remote malicious users to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-...
Mozilla Thunderbird 24.6
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.0
Mozilla Firefox
Mozilla Thunderbird 24.0.1
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Thunderbird 24.2
Mozilla Thunderbird
Mozilla Thunderbird 24.3
Mozilla Thunderbird 24.4
4.3
CVSSv2
CVE-2014-1560
Mozilla Firefox prior to 31.0 and Thunderbird prior to 31.0 allow remote malicious users to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context.
Mozilla Thunderbird 24.1.1
Mozilla Thunderbird 24.2
Mozilla Thunderbird
Mozilla Thunderbird 24.6
Mozilla Thunderbird 24.3
Mozilla Thunderbird 24.4
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.0
Mozilla Firefox
Mozilla Thunderbird 24.0.1
Mozilla Thunderbird 24.1
10
CVSSv2
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox prior to 31.0, Firefox ESR 24.x prior to 24.7, and Thunderbird prior to 24.7 on Windows allows remote malicious users to execute arbitrary code via crafted use of fonts in MathML content, leading to im...
Mozilla Firefox Esr 24.6
Mozilla Thunderbird 24.2
Mozilla Thunderbird 24.3
Mozilla Firefox Esr 24.2
Mozilla Firefox Esr 24.3
Mozilla Thunderbird 24.0
Mozilla Thunderbird 24.0.1
Mozilla Firefox Esr 24.0.1
Mozilla Firefox Esr 24.0.2
Mozilla Firefox
Mozilla Thunderbird
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.4
Mozilla Firefox Esr 24.0
Mozilla Firefox Esr 24.4
Mozilla Firefox Esr 24.5
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Firefox Esr 24.1.0
Mozilla Firefox Esr 24.1.1
5
CVSSv2
CVE-2015-0832
Mozilla Firefox prior to 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle malicious users to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and ...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.1
4.3
CVSSv2
CVE-2015-0834
The WebRTC subsystem in Mozilla Firefox prior to 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle malicious users to discover credentials by spoofing a server and completing a brute-force at...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.15
7.5
CVSSv2
CVE-2015-0835
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 36.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox 33.0
Mozilla Firefox 32.0
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.8
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.11
Mozilla Firefox 27.0.1
Mozilla Firefox 27.0
1 Article
4.3
CVSSv2
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 24.1.1
Mozilla Firefox 24.1
Mozilla Firefox 20.0
2.6
CVSSv2
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 25.0
Mozilla Firefox 24.1.1
6.8
CVSSv2
CVE-2015-0821
Mozilla Firefox prior to 36.0 allows user-assisted remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 27.0
Mozilla Firefox 26.0
Mozilla Firefox 23.0
Mozilla Firefox 22.0
5
CVSSv2
CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox prior to 36.0 allows remote malicious users to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo l...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »