Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
carsten book vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2014-1525
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox prior to 29.0 and SeaMonkey prior to 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (use...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 19
890
VMScore
CVE-2016-1931
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 44.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to uninitialized memory encounter...
Mozilla Firefox
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
890
VMScore
CVE-2016-1946
The MoofParser::Metadata function in binding/MoofParser.cpp in libstagefright in Mozilla Firefox prior to 44.0 does not limit the size of read operations, which might allow remote malicious users to cause a denial of service (integer overflow and buffer overflow) or possibly have...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Mozilla Firefox
668
VMScore
CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 33.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between t...
Mozilla Firefox
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
383
VMScore
CVE-2014-1480
The file-download implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 does not properly restrict the timing of button selections, which allows remote malicious users to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, vi...
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Oracle Solaris 11.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Seamonkey
445
VMScore
CVE-2014-1483
Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allow remote malicious users to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and do...
Oracle Solaris 11.3
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Mozilla Seamonkey
Mozilla Firefox
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Suse Linux Enterprise Software Development Kit 11.0
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
890
VMScore
CVE-2014-1488
The Web workers implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 allows remote malicious users to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with...
Mozilla Seamonkey
Mozilla Firefox
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Oracle Solaris 11.3
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 13.1
383
VMScore
CVE-2014-1582
The Public Key Pinning (PKP) implementation in Mozilla Firefox prior to 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle malicious users to bypass an intended pinning configura...
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox
Mozilla Firefox 31.1.0
605
VMScore
CVE-2016-2811
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in Mozilla Firefox prior to 46.0 allows remote malicious users to execute arbitrary code via vectors related to the BeginReading method.
Mozilla Firefox
668
VMScore
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote malicious users to execute arbitrary XSLT code b...
Mozilla Seamonkey
Mozilla Firefox
Oracle Solaris 11.3
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Opensuse Opensuse 12.3
Suse Linux Enterprise Software Development Kit 11
Opensuse Opensuse 11.4
Opensuse Opensuse 13.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »