Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.16 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-0803
Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, allows remote malicious users to display restricted products and components via a direct HTTP request to queryhelp.cgi.
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.14
5
CVSSv2
CVE-2002-0810
Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16
4.6
CVSSv2
CVE-2002-0805
Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16
4.3
CVSSv2
CVE-2016-2803
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 up to and including 4.4.11, and 4.5.1 up to and including 5.0.2 allows remote malicious users to inject arbitrary web script or HTML.
Mozilla Bugzilla 5.0
Mozilla Bugzilla 4.5.1
Mozilla Bugzilla 4.2.5
Mozilla Bugzilla 4.2.6
Mozilla Bugzilla 4.3.3
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.5
Mozilla Bugzilla 4.4.6
Mozilla Bugzilla 3.1.4
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4.13
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.4.9
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.10
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.6
4.3
CVSSv2
CVE-2015-8509
Template.pm in Bugzilla 2.x, 3.x, and 4.x prior to 4.2.16, 4.3.x and 4.4.x prior to 4.4.11, and 4.5.x and 5.0.x prior to 5.0.2 does not properly construct CSV files, which allows remote malicious users to obtain sensitive information by leveraging a web browser that interprets CS...
Mozilla Bugzilla 4.4.10
Mozilla Bugzilla 4.4.9
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.0.11
Mozilla Bugzilla 4.0.10
Mozilla Bugzilla 4.0.3
Mozilla Bugzilla 4.0.2
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 3.6.8
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2.7
4.3
CVSSv2
CVE-2014-1573
Bugzilla 2.x up to and including 4.0.x prior to 4.0.15, 4.1.x and 4.2.x prior to 4.2.11, 4.3.x and 4.4.x prior to 4.4.6, and 4.5.x prior to 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote malicious users to conduct cross-site sc...
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Mozilla Bugzilla 4.5.3
Mozilla Bugzilla 4.5.4
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.5
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 4.4.4
Mozilla Bugzilla 4.4.5
Mozilla Bugzilla 4.5.5
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.4.2
Mozilla Bugzilla 4.4.3
Mozilla Bugzilla 4.2.2
Mozilla Bugzilla 4.2.3
4.3
CVSSv2
CVE-2013-1742
Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x prior to 4.0.11; 4.1.x and 4.2.x prior to 4.2.7; and 4.3.x and 4.4.x prior to 4.4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) id or (2) s...
Mozilla Bugzilla 4.1
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 4.1.2
Mozilla Bugzilla 4.1.3
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 4.3.3
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.18.5
1 EDB exploit
4.3
CVSSv2
CVE-2012-1969
The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x prior to 3.6.10, 3.7.x and 4.0.x prior to 4.0.7, 4.1.x and 4.2.x prior to 4.2.2, and 4.3.x prior to 4.3.2 does not check whether an attachment is private before presenting the attachment description within a ...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.22.3
4.3
CVSSv2
CVE-2011-3657
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when debug mode is used, allow remote malicious users to inject arbitrary web script o...
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.1.3
4.3
CVSSv2
CVE-2011-2379
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3, when Internet Explorer prior to 9 or Safari prior to 5....
Mozilla Bugzilla 3.4.10
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.11
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.0.8
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.10
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 2.19.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »