Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 5.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv3
CVE-2016-2810
Mozilla Firefox prior to 46.0 on Android prior to 5.0 allows malicious users to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.
Mozilla Firefox
4.7
CVSSv3
CVE-2015-8508
Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2.16, 4.3.x and 4.4.x prior to 4.4.11, and 4.5.x and 5.0.x prior to 5.0.2, when a local dot configuration is used, allows remote malicious users to inject arbitrary web sc...
Mozilla Bugzilla 4.4.7
Mozilla Bugzilla 4.4.6
Mozilla Bugzilla 4.2.14
Mozilla Bugzilla 4.2.13
Mozilla Bugzilla 4.2.6
Mozilla Bugzilla 4.2.5
Mozilla Bugzilla 4.0.17
Mozilla Bugzilla 4.0.16
Mozilla Bugzilla 4.0.8
Mozilla Bugzilla 4.0.7
Mozilla Bugzilla 4.0
Mozilla Bugzilla 3.6.13
Mozilla Bugzilla 3.6.6
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.4
Mozilla Bugzilla 3.4.12
Mozilla Bugzilla 3.4.11
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.0.9
4.3
CVSSv3
CVE-2016-1957
Memory leak in libstagefright in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Opensuse 13.1
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Oracle Linux 7
Oracle Linux 5.0
Oracle Linux 6
4.3
CVSSv3
CVE-2016-1958
browser/base/content/browser.js in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to spoof the address bar via a javascript: URL.
Oracle Linux 5.0
Oracle Linux 6
Oracle Linux 7
Opensuse Opensuse 13.1
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
3.5
CVSSv3
CVE-2015-8509
Template.pm in Bugzilla 2.x, 3.x, and 4.x prior to 4.2.16, 4.3.x and 4.4.x prior to 4.4.11, and 4.5.x and 5.0.x prior to 5.0.2 does not properly construct CSV files, which allows remote malicious users to obtain sensitive information by leveraging a web browser that interprets CS...
Mozilla Bugzilla 4.4.10
Mozilla Bugzilla 4.4.9
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.0.11
Mozilla Bugzilla 4.0.10
Mozilla Bugzilla 4.0.3
Mozilla Bugzilla 4.0.2
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 3.6.8
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2.7
NA
CVE-2015-4499
Util.pm in Bugzilla 2.x, 3.x, and 4.x prior to 4.2.15, 4.3.x and 4.4.x prior to 4.4.10, and 5.x prior to 5.0.1 mishandles long e-mail addresses during account registration, which allows remote malicious users to obtain the default privileges for an arbitrary domain name by placin...
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.10
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.3
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 24.1.1
Mozilla Firefox 24.1
Mozilla Firefox 20.0
NA
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 25.0
Mozilla Firefox 24.1.1
NA
CVE-2015-0821
Mozilla Firefox prior to 36.0 allows user-assisted remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 27.0
Mozilla Firefox 26.0
Mozilla Firefox 23.0
Mozilla Firefox 22.0
NA
CVE-2015-0822
The Form Autocompletion feature in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to read arbitrary files via crafted JavaScript code.
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.17
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »