Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 22.0 vulnerabilities and exploits
(subscribe to this query)
405
VMScore
CVE-2013-1727
Mozilla Firefox prior to 24.0 on Android allows malicious users to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Mozilla Firefox
Mozilla Firefox 19.0
Mozilla Firefox 19.0.1
Mozilla Firefox 19.0.2
Mozilla Firefox 20.0
Mozilla Firefox 20.0.1
Mozilla Firefox 21.0
Mozilla Firefox 22.0
Mozilla Firefox 23.0
1 EDB exploit
384
VMScore
CVE-2015-0822
The Form Autocompletion feature in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to read arbitrary files via crafted JavaScript code.
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
Mozilla Firefox 8.0
Mozilla Firefox 3.0.9
383
VMScore
CVE-2015-0834
The WebRTC subsystem in Mozilla Firefox prior to 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle malicious users to discover credentials by spoofing a server and completing a brute-force at...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
383
VMScore
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
Mozilla Firefox 8.0
Mozilla Firefox 3.0.9
383
VMScore
CVE-2015-0825
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox prior to 36.0 allows remote malicious users to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during pl...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
383
VMScore
CVE-2015-0827
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to obtain sensitive information from uninitialized process memory via a malformed SVG gr...
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
Mozilla Firefox 8.0
Mozilla Firefox 3.0.9
383
VMScore
CVE-2013-5593
The SELECT element implementation in Mozilla Firefox prior to 25.0, Firefox ESR 24.x prior to 24.1, Thunderbird prior to 24.1, and SeaMonkey prior to 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote malicious users to spo...
Mozilla Firefox Esr 24.0
Mozilla Firefox Esr 24.0.2
Mozilla Firefox Esr 24.0.1
Mozilla Thunderbird 17.0.7
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird 17.0.4
Mozilla Thunderbird 17.0
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0.8
Mozilla Thunderbird
Mozilla Thunderbird Esr 17.0.9
Mozilla Thunderbird 17.0.6
Mozilla Thunderbird 24.0
Mozilla Thunderbird 17.0.5
Mozilla Firefox 19.0
Mozilla Firefox
Mozilla Firefox 23.0.1
Mozilla Firefox 19.0.2
Mozilla Firefox 20.0.1
Mozilla Firefox 19.0.1
Mozilla Firefox 21.0
383
VMScore
CVE-2013-1728
The IonMonkey JavaScript engine in Mozilla Firefox prior to 24.0, Thunderbird prior to 24.0, and SeaMonkey prior to 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote malicious users to obtain sensitive information via unspecif...
Mozilla Seamonkey 2.0.10
Mozilla Seamonkey 2.13.1
Mozilla Seamonkey 2.15
Mozilla Seamonkey 2.20
Mozilla Seamonkey 2.0.13
Mozilla Seamonkey 2.12.1
Mozilla Seamonkey 2.13.2
Mozilla Seamonkey 2.14
Mozilla Seamonkey 2.12
Mozilla Seamonkey 2.0.4
Mozilla Seamonkey 2.10
Mozilla Seamonkey 2.1
Mozilla Seamonkey 2.11
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.2
Mozilla Seamonkey 2.16
Mozilla Seamonkey 2.13
Mozilla Seamonkey 2.16.1
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 2.19
Mozilla Seamonkey 2.17
383
VMScore
CVE-2013-1723
The NativeKey widget in Mozilla Firefox prior to 24.0, Thunderbird prior to 24.0, and SeaMonkey prior to 2.21 processes key messages after destruction by a dispatched event listener, which allows remote malicious users to cause a denial of service (application crash) by leveragin...
Mozilla Thunderbird 17.0.7
Mozilla Thunderbird
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird 17.0.4
Mozilla Thunderbird 17.0
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0.8
Mozilla Thunderbird 17.0.6
Mozilla Thunderbird 17.0.5
Mozilla Firefox 19.0
Mozilla Firefox 19.0.2
Mozilla Firefox 20.0.1
Mozilla Firefox 19.0.1
Mozilla Firefox 21.0
Mozilla Firefox
Mozilla Firefox 20.0
Mozilla Firefox 22.0
Mozilla Firefox 23.0
Mozilla Seamonkey 2.0.10
Mozilla Seamonkey 2.13.1
Mozilla Seamonkey 2.15
383
VMScore
CVE-2013-1692
Mozilla Firefox prior to 22.0, Firefox ESR 17.x prior to 17.0.7, Thunderbird prior to 17.0.7, and Thunderbird ESR 17.x prior to 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote malicious users to conduct cross-si...
Mozilla Firefox 19.0
Mozilla Firefox 19.0.2
Mozilla Firefox 20.0.1
Mozilla Firefox 19.0.1
Mozilla Firefox 20.0
Mozilla Firefox
Mozilla Firefox Esr 17.0.5
Mozilla Firefox Esr 17.0
Mozilla Firefox Esr 17.0.1
Mozilla Firefox Esr 17.0.6
Mozilla Firefox Esr 17.0.4
Mozilla Firefox Esr 17.0.3
Mozilla Firefox Esr 17.0.2
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird 17.0.4
Mozilla Thunderbird 17.0
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird
Mozilla Thunderbird 17.0.5
Mozilla Thunderbird Esr 17.0.1
Mozilla Thunderbird Esr 17.0.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »