Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox focus - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0605
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. Th...
Mozilla Firefox Focus
NA
CVE-2024-0606
An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.
Mozilla Firefox Focus
NA
CVE-2023-29545
Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefo...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
231
VMScore
CVE-2005-0584
Firefox prior to 1.0.1 and Mozilla prior to 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.6
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.4.1
Mozilla Firefox 0.10
Mozilla Firefox 1.0
Mozilla Mozilla 1.7.3
Mozilla Mozilla 1.7.5
516
VMScore
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6
Mozilla Firefox 3.0
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.14
505
VMScore
CVE-2004-1381
Firefox prior to 1.0 and Mozilla prior to 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote malicious users to steal sensitive data that is intended for other sites, which could ...
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.7.2
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.4.1
Mozilla Firefox 0.10
Mozilla Mozilla
Mozilla Mozilla 1.7.3
1 EDB exploit
383
VMScore
CVE-2007-3511
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions prior to 2.0.0.8, and SeaMonkey prior to 1.1.5 allows remote malicious users to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses t...
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.0.5
Mozilla Firefox 1.5.0.12
Mozilla Firefox 2.0.0.6
Mozilla Firefox 2.0.0.4
Mozilla Seamonkey 1.0.4
Mozilla Firefox
Mozilla Firefox 2.0.0.5
605
VMScore
CVE-2007-1095
Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote malicious users to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site that is visited by a ...
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
Mozilla Firefox 1.4.1
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.5
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.2
Mozilla Firefox 0.10
Mozilla Firefox 0.9
Mozilla Firefox 0.6.1
Mozilla Firefox 0.2
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.3
Mozilla Firefox 1.5.4
NA
CVE-2023-28163
When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are un...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
NA
CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome before 117.0.5938.132 and libvpx 1.13.1 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Webmproject Libvpx
Microsoft Edge 116.0.1938.98
Microsoft Edge 117.0.2045.47
Microsoft Edge Chromium 116.0.5845.229
Microsoft Edge Chromium 117.0.5938.132
Mozilla Firefox Focus
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Apple Iphone Os
Apple Ipad Os
Apple Ipad Os 16.7
Apple Iphone Os 16.7
2 Github repositories
5 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »