Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox esr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-1939
jsinfer.cpp in Mozilla Firefox ESR 10.x prior to 10.0.5 and Thunderbird ESR 10.x prior to 10.0.5 does not properly determine data types, which allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code v...
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
NA
CVE-2015-2708
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 38.0, Firefox ESR 31.x prior to 31.7, and Thunderbird prior to 31.7 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbit...
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Desktop 12.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Novell Suse Linux Enterprise Software Development Kit 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 31.1
Mozilla Firefox Esr 31.3.0
Mozilla Firefox Esr 31.1.1
Mozilla Firefox Esr 31.5
Mozilla Firefox Esr 31.6.0
Mozilla Firefox Esr 31.3
Mozilla Firefox Esr 31.5.3
Mozilla Firefox Esr 31.5.1
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.2
Mozilla Firefox Esr 31.4
Mozilla Firefox Esr 31.0
Mozilla Firefox Esr 31.5.2
8.8
CVSSv3
CVE-2016-1952
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vector...
Oracle Linux 6
Oracle Linux 5.0
Oracle Linux 7
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Novell Suse Package Hub For Suse Linux Enterprise 12
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
8.8
CVSSv3
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote malicious users to c...
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0
Mozilla Thunderbird
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 42.1
Oracle Linux 6
Oracle Linux 5.0
Oracle Linux 7
4.3
CVSSv3
CVE-2016-1957
Memory leak in libstagefright in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Opensuse 13.1
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Oracle Linux 7
Oracle Linux 5.0
Oracle Linux 6
NA
CVE-2014-1557
The ConvolveHorizontally function in Skia, as used in Mozilla Firefox prior to 31.0, Firefox ESR 24.x prior to 24.7, and Thunderbird prior to 24.7, does not properly handle the discarding of image data during function execution, which allows remote malicious users to execute arbi...
Oracle Solaris 11.3
Mozilla Firefox Esr 24.6
Mozilla Thunderbird 24.2
Mozilla Thunderbird 24.3
Mozilla Firefox Esr 24.2
Mozilla Firefox Esr 24.3
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Firefox Esr 24.1.0
Mozilla Firefox Esr 24.1.1
Mozilla Thunderbird 24.0
Mozilla Thunderbird 24.0.1
Mozilla Firefox Esr 24.0.1
Mozilla Firefox Esr 24.0.2
Mozilla Firefox
Mozilla Thunderbird
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.4
Mozilla Firefox Esr 24.0
Mozilla Firefox Esr 24.4
Mozilla Firefox Esr 24.5
Debian Debian Linux 6.0
NA
CVE-2012-1950
The drag-and-drop implementation in Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 allows remote malicious users to spoof the address bar by canceling a page load.
Mozilla Firefox 4.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 11.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
NA
CVE-2012-1965
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not properly establish the security context of a feed: URL, which allows remote malicious users to bypass unspecified cross-site scripting (XSS) protection mechanisms via a feed:javascript: URL.
Mozilla Firefox 4.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 12.0
Mozilla Firefox 13.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 9.0
Mozilla Firefox 11.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
NA
CVE-2012-1966
Mozilla Firefox 4.x up to and including 13.0 and Firefox ESR 10.x prior to 10.0.6 do not have the same context-menu restrictions for data: URLs as for javascript: URLs, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted URL.
Mozilla Firefox 4.0
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 4.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 11.0
Mozilla Firefox 12.0
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 13.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.5
NA
CVE-2013-0787
Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox prior to 19.0.2, Firefox ESR 17.x prior to 17.0.4, Thunderbird prior to 17.0.4, Thunderbird ESR 17.x prior to 17.0.4, and SeaMonkey prior to 2.16.1 allow...
Mozilla Firefox 19.0
Mozilla Firefox
Mozilla Firefox Esr 17.0.2
Mozilla Firefox Esr 17.0.3
Mozilla Firefox Esr 17.0.1
Mozilla Firefox Esr 17.0
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0
Mozilla Thunderbird
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird Esr 17.0.3
Mozilla Thunderbird Esr 17.0
Mozilla Thunderbird Esr 17.0.1
Mozilla Thunderbird Esr 17.0.2
Mozilla Seamonkey 2.16
Mozilla Seamonkey
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »