Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.16 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2002-0803
Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, allows remote malicious users to display restricted products and components via a direct HTTP request to queryhelp.cgi.
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.14
445
VMScore
CVE-2002-0810
Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16
435
VMScore
CVE-2013-1742
Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x prior to 4.0.11; 4.1.x and 4.2.x prior to 4.2.7; and 4.3.x and 4.4.x prior to 4.4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) id or (2) s...
Mozilla Bugzilla 4.1
Mozilla Bugzilla 4.1.1
Mozilla Bugzilla 4.1.2
Mozilla Bugzilla 4.1.3
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 4.3.3
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.18.5
1 EDB exploit
409
VMScore
CVE-2002-0805
Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.
Mozilla Bugzilla 2.14
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.16
383
VMScore
CVE-2016-2803
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 up to and including 4.4.11, and 4.5.1 up to and including 5.0.2 allows remote malicious users to inject arbitrary web script or HTML.
Mozilla Bugzilla 5.0
Mozilla Bugzilla 4.5.1
Mozilla Bugzilla 4.2.5
Mozilla Bugzilla 4.2.6
Mozilla Bugzilla 4.3.3
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.5
Mozilla Bugzilla 4.4.6
Mozilla Bugzilla 3.1.4
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4.13
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.4.9
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.6.10
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.6.6
383
VMScore
CVE-2015-8509
Template.pm in Bugzilla 2.x, 3.x, and 4.x prior to 4.2.16, 4.3.x and 4.4.x prior to 4.4.11, and 4.5.x and 5.0.x prior to 5.0.2 does not properly construct CSV files, which allows remote malicious users to obtain sensitive information by leveraging a web browser that interprets CS...
Mozilla Bugzilla 4.4.10
Mozilla Bugzilla 4.4.9
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.0.11
Mozilla Bugzilla 4.0.10
Mozilla Bugzilla 4.0.3
Mozilla Bugzilla 4.0.2
Mozilla Bugzilla 3.6.9
Mozilla Bugzilla 3.6.8
Mozilla Bugzilla 3.6.7
Mozilla Bugzilla 3.6
Mozilla Bugzilla 3.4.14
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2.7
383
VMScore
CVE-2014-1573
Bugzilla 2.x up to and including 4.0.x prior to 4.0.15, 4.1.x and 4.2.x prior to 4.2.11, 4.3.x and 4.4.x prior to 4.4.6, and 4.5.x prior to 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote malicious users to conduct cross-site sc...
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Mozilla Bugzilla 4.5.3
Mozilla Bugzilla 4.5.4
Mozilla Bugzilla 4.4
Mozilla Bugzilla 4.4.1
Mozilla Bugzilla 4.2
Mozilla Bugzilla 4.2.1
Mozilla Bugzilla 4.2.8
Mozilla Bugzilla 4.2.9
Mozilla Bugzilla 4.5
Mozilla Bugzilla 4.3.1
Mozilla Bugzilla 4.3.2
Mozilla Bugzilla 4.4.4
Mozilla Bugzilla 4.4.5
Mozilla Bugzilla 4.5.5
Mozilla Bugzilla 4.3
Mozilla Bugzilla 4.4.2
Mozilla Bugzilla 4.4.3
Mozilla Bugzilla 4.2.2
Mozilla Bugzilla 4.2.3
383
VMScore
CVE-2012-1969
The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x prior to 3.6.10, 3.7.x and 4.0.x prior to 4.0.7, 4.1.x and 4.2.x prior to 4.2.2, and 4.3.x prior to 4.3.2 does not check whether an attachment is private before presenting the attachment description within a ...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.22.3
383
VMScore
CVE-2011-3657
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when debug mode is used, allow remote malicious users to inject arbitrary web script o...
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.1.3
383
VMScore
CVE-2011-2379
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3, when Internet Explorer prior to 9 or Safari prior to 5....
Mozilla Bugzilla 3.4.10
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.11
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.0.8
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.10
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 2.19.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »