Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox mobile vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-15674
Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81.
Mozilla Firefox
1 Article
6.8
CVSSv2
CVE-2020-15675
When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 81.
Mozilla Firefox
1 Article
5.8
CVSSv2
CVE-2018-10229
A hardware vulnerability in GPU memory modules allows malicious users to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
Mozilla Firefox -
Google Chrome -
Lg Nexus 5 -
1 Github repository
4.3
CVSSv2
CVE-2012-1143
FreeType prior to 2.4.9, as used in Mozilla Firefox Mobile prior to 10.0.4 and other products, allows remote malicious users to cause a denial of service (divide-by-zero error) via a crafted font.
Freetype Freetype 2.0.3
Freetype Freetype 2.4.0
Freetype Freetype 2.4.2
Mozilla Firefox Mobile 4.0
Freetype Freetype 2.3.6
Freetype Freetype
Freetype Freetype 2.1.9
Freetype Freetype 2.1.10
Freetype Freetype 2.3.4
Freetype Freetype 2.0.1
Freetype Freetype 2.3.5
Mozilla Firefox Mobile 8.0
Mozilla Firefox Mobile 10.0.1
Mozilla Firefox Mobile 7.0
Freetype Freetype 2.1
Freetype Freetype 2.1.5
Freetype Freetype 2.3.10
Mozilla Firefox Mobile 10.0.2
Freetype Freetype 1.3.1
Mozilla Firefox Mobile 6.0.2
Freetype Freetype 2.4.4
Freetype Freetype 2.4.6
1.9
CVSSv2
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
1 Github repository
NA
CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox...
2 Articles
NA
CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome before 117.0.5938.132 and libvpx 1.13.1 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Webmproject Libvpx
Microsoft Edge 116.0.1938.98
Microsoft Edge 117.0.2045.47
Microsoft Edge Chromium 116.0.5845.229
Microsoft Edge Chromium 117.0.5938.132
Mozilla Firefox Focus
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Apple Iphone Os
Apple Ipad Os
Apple Ipad Os 16.7
Apple Iphone Os 16.7
2 Github repositories
5 Articles
NA
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome before 116.0.5845.187 and libwebp 1.3.2 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Microsoft Edge
Webmproject Libwebp
20 Github repositories
5 Articles
NA
CVE-2022-1529
An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process. This vulnerability affects F...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
1 Github repository
1 Article
NA
CVE-2022-1802
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Fi...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
2 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »