Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox focus vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2024-0606
An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.
Mozilla Firefox Focus
7.5
CVSSv3
CVE-2024-0605
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. Th...
Mozilla Firefox Focus
7.5
CVSSv3
CVE-2023-25743
A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 1...
Mozilla Firefox Focus -
9.8
CVSSv3
CVE-2023-29542
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. *This bug only affects Firefox and Thunderbird on Windo...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
9.8
CVSSv3
CVE-2023-29531
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash. *This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox &...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
5.5
CVSSv3
CVE-2023-29532
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2023-29545
Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefo...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
NA
CVE-2005-0584
Firefox prior to 1.0.1 and Mozilla prior to 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.
Mozilla Firefox 0.8
Mozilla Mozilla 1.7
Mozilla Mozilla 1.5
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.7.5
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
Mozilla Mozilla 1.6
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.3
Mozilla Firefox 1.0
Mozilla Mozilla 1.4
Mozilla Mozilla 1.7.1
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Firefox 0.9.2
Mozilla Mozilla 1.7.2
Mozilla Firefox 0.10
Mozilla Mozilla 1.7.3
NA
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5.6
Mozilla Firefox 3.0.8
Mozilla Firefox 3.5
Mozilla Firefox 3.5.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.7
Mozilla Firefox 3.0.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.0.14
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 3.0.1
NA
CVE-2004-1381
Firefox prior to 1.0 and Mozilla prior to 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote malicious users to steal sensitive data that is intended for other sites, which could ...
Mozilla Firefox 0.8
Mozilla Mozilla 1.7
Mozilla Mozilla 1.5
Mozilla Firefox 0.9.1
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
Mozilla Mozilla 1.6
Mozilla Mozilla 1.4.1
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla
Mozilla Mozilla 1.7.1
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.5.1
Mozilla Firefox 0.9.2
Mozilla Mozilla 1.7.2
Mozilla Firefox 0.10
Mozilla Mozilla 1.7.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »