Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 1.3 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-2713
Cross-site request forgery (CSRF) vulnerability in the BrowserID (Mozilla Persona) module 7.x-1.x prior to 7.x-1.3 for Drupal allows remote malicious users to hijack the authentication of arbitrary users for requests that login a user to another web site.
Browserid Project Browserid 7.x-1.1
Browserid Project Browserid 7.x-1.2
6.8
CVSSv2
CVE-2011-4140
The CSRF protection mechanism in Django up to and including 1.2.7 and 1.3.x up to and including 1.3.1 does not properly handle web-server configurations supporting arbitrary HTTP Host headers, which allows remote malicious users to trigger unauthenticated forged requests via vect...
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.1.3
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
6.8
CVSSv2
CVE-2004-0191
Mozilla prior to 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
Mozilla Mozilla 0.9.2
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.6
Mozilla Mozilla 0.9.7
Mozilla Mozilla 1.0
Mozilla Mozilla 1.1
Mozilla Mozilla 1.3.1
Mozilla Mozilla 1.4
Mozilla Mozilla 0.9.4
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.2.1
Mozilla Mozilla 1.2
Mozilla Mozilla 1.5
Mozilla Mozilla 0.8
Mozilla Mozilla 0.9.48
Mozilla Mozilla 0.9.5
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.3
Mozilla Mozilla 0.9.3
Mozilla Mozilla 0.9.35
Mozilla Mozilla 0.9.8
6.8
CVSSv2
CVE-2003-0154
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote malicious users to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cg...
Mozilla Bonsai 1.3
1 EDB exploit
6.4
CVSSv2
CVE-2020-12403
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions prior to 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly ...
Mozilla Nss
2 Github repositories
6.4
CVSSv2
CVE-2005-4685
Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote malicious users to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by ...
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5
Mozilla Firefox Preview Release
Mozilla Mozilla 0.9.4.1
Mozilla Mozilla 0.9.48
Mozilla Mozilla 1.0.1
Mozilla Mozilla 1.0.2
Mozilla Mozilla 1.2
Mozilla Mozilla 1.4
Mozilla Mozilla 1.7.11
Mozilla Mozilla 1.7.12
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.9
Mozilla Mozilla 1.7
Mozilla Mozilla 1.8
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9
Mozilla Firefox 1.0.7
Mozilla Mozilla 0.9.35
5.8
CVSSv2
CVE-2011-4136
django.contrib.sessions in Django prior to 1.2.7 and 1.3.x prior to 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote malicious users to modify a session by triggering use of a key ...
Djangoproject Django 1.2.1
Djangoproject Django 1.1.2
Djangoproject Django 1.0.2
Djangoproject Django
Djangoproject Django 0.95
Djangoproject Django 0.95.1
Djangoproject Django 1.2.3
Djangoproject Django 1.1.0
Djangoproject Django 1.2.4
Djangoproject Django 1.2.5
Djangoproject Django 1.1
Djangoproject Django 1.0
Djangoproject Django 1.3
Djangoproject Django 1.2
Djangoproject Django 1.1.3
Djangoproject Django 0.91
Djangoproject Django 1.2.2
Djangoproject Django 1.0.1
Djangoproject Django 0.96
5.1
CVSSv2
CVE-2005-0399
Heap-based buffer overflow in GIF2.cpp in Firefox prior to 1.0.2, Mozilla before to 1.7.6, and Thunderbird prior to 1.0.2, and possibly other applications that use the same library, allows remote malicious users to execute arbitrary code via a GIF image with a crafted Netscape ex...
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.5
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.7
Mozilla Mozilla 1.7.1
Mozilla Thunderbird 0.7.1
Mozilla Thunderbird 0.7.2
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Firefox 1.0.1
Mozilla Mozilla 1.3
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7.5
Mozilla Thunderbird 0.3
Mozilla Thunderbird 0.4
Mozilla Thunderbird 0.9
Mozilla Thunderbird 1.0
Mozilla Firefox 0.10
Mozilla Firefox 0.9
Mozilla Firefox 1.0
5.1
CVSSv2
CVE-2005-0401
FireFox 1.0.1 and Mozilla prior to 1.7.6 do not sufficiently address all attack vectors for loading chrome files and hijacking drag and drop events, which allows remote malicious users to execute arbitrary XUL code by tricking a user into dragging a scrollbar, a variant of CVE-20...
Mozilla Firefox 0.9.3
Mozilla Firefox 0.9
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
Mozilla Firefox 0.8
Mozilla Mozilla 1.4
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Mozilla 1.3
Mozilla Mozilla 1.7.5
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.7.1
5.1
CVSSv2
CVE-2005-1160
The privileged "chrome" UI code in Firefox prior to 1.0.3 and Mozilla Suite prior to 1.7.7 allows remote malicious users to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or th...
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Mozilla 1.4
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.6
Mozilla Mozilla 1.7
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Mozilla 1.5.1
Mozilla Mozilla 1.5
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
Mozilla Firefox 0.8
Mozilla Firefox 0.9
Mozilla Firefox 1.0.2
Mozilla Mozilla 1.3
Mozilla Mozilla 1.7.5
Mozilla Mozilla 1.7.6
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »