Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox focus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25743
A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 1...
Mozilla Firefox Focus -
NA
CVE-2024-0605
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. Th...
Mozilla Firefox Focus
NA
CVE-2023-29545
Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefo...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
2.6
CVSSv2
CVE-2005-0584
Firefox prior to 1.0.1 and Mozilla prior to 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.6
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.4.1
Mozilla Firefox 0.10
Mozilla Firefox 1.0
Mozilla Mozilla 1.7.3
Mozilla Mozilla 1.7.5
5.8
CVSSv2
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6
Mozilla Firefox 3.0
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.14
5
CVSSv2
CVE-2004-1381
Firefox prior to 1.0 and Mozilla prior to 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote malicious users to steal sensitive data that is intended for other sites, which could ...
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.7.2
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.4.1
Mozilla Firefox 0.10
Mozilla Mozilla
Mozilla Mozilla 1.7.3
1 EDB exploit
6.8
CVSSv2
CVE-2007-1095
Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote malicious users to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a ...
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.5
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.2
Mozilla Firefox 0.10
Mozilla Firefox 0.9
Mozilla Firefox 0.6.1
Mozilla Firefox 0.2
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.3
Mozilla Firefox 1.5.4
4.3
CVSSv2
CVE-2007-3511
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions prior to 2.0.0.8, and SeaMonkey prior to 1.1.5 allows remote malicious users to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses t...
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.0.5
Mozilla Firefox 1.5.0.12
Mozilla Firefox 2.0.0.6
Mozilla Firefox 2.0.0.4
Mozilla Seamonkey 1.0.4
Mozilla Firefox
Mozilla Firefox 2.0.0.5
NA
CVE-2023-28163
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are un...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
NA
CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome before 117.0.5938.132 and libvpx 1.13.1 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Webmproject Libvpx
Microsoft Edge 116.0.1938.98
Microsoft Edge 117.0.2045.47
Microsoft Edge Chromium 116.0.5845.229
Microsoft Edge Chromium 117.0.5938.132
Mozilla Firefox Focus
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Apple Iphone Os
Apple Ipad Os
Apple Ipad Os 16.7
Apple Iphone Os 16.7
2 Github repositories
5 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »