Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox os vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-5121
Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Ot...
Mozilla Firefox
694
VMScore
CVE-2007-3073
Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and previous versions on Mac OS X and Unix allows remote malicious users to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI.
Mozilla Firefox
445
VMScore
CVE-2017-7825
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vul...
Debian Debian Linux 7.0
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
445
VMScore
CVE-2015-4503
The TCP Socket API implementation in Mozilla Firefox prior to 41.0 mishandles array boundaries that were established with a navigator.mozTCPSocket.open method call and send method calls, which allows remote TCP servers to obtain sensitive information from process memory by readin...
Mozilla Firefox
445
VMScore
CVE-2018-5110
If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. Note: This vulnerability only affects OS X. Other operating systems are not affected. This vulnerability af...
Mozilla Firefox
383
VMScore
CVE-2015-0810
Mozilla Firefox prior to 37.0 on OS X does not ensure that the cursor is visible, which allows remote malicious users to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interac...
Mozilla Firefox
446
VMScore
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
409
VMScore
CVE-2017-7836
The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requir...
Mozilla Firefox
505
VMScore
CVE-2008-4324
The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events. NOTE:...
Mozilla Firefox 3.0.3
1 EDB exploit
515
VMScore
CVE-2010-0166
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 prior to 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote malicious users to cause a denial of ...
Mozilla Firefox 3.6
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »