Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
carsten book vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1488
The Web workers implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allows remote malicious users to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with...
Mozilla Seamonkey
Mozilla Firefox
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 13.1
NA
CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 33.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between t...
Mozilla Firefox
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
10
CVSSv3
CVE-2016-1931
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 44.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encounter...
Mozilla Firefox
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
6.5
CVSSv3
CVE-2016-2816
Mozilla Firefox prior to 46.0 allows remote malicious users to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
Mozilla Firefox
NA
CVE-2014-1480
The file-download implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 does not properly restrict the timing of button selections, which allows remote malicious users to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, vi...
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Oracle Solaris 11.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Seamonkey
NA
CVE-2014-1525
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox prior to 29.0 and SeaMonkey prior to 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (use...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 19
NA
CVE-2014-1582
The Public Key Pinning (PKP) implementation in Mozilla Firefox prior to 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle malicious users to bypass an intended pinning configura...
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox
Mozilla Firefox 31.1.0
9.8
CVSSv3
CVE-2016-1946
The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox prior to 44.0 does not limit the size of read operations, which might allow remote malicious users to cause a denial of service (integer overflow and buffer overflow) or possibly have...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Mozilla Firefox
8.8
CVSSv3
CVE-2016-2811
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox prior to 46.0 allows remote malicious users to execute arbitrary code via vectors related to the BeginReading method.
Mozilla Firefox
NA
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote malicious users to execute arbitrary XSLT code b...
Mozilla Seamonkey
Mozilla Firefox
Oracle Solaris 11.3
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »