Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 2.17.4 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0602
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x prior to 2.16.3 and 2.17.x prior to 2.17.4 allow remote malicious users to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA ...
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.17
Mozilla Bugzilla 2.17.1
NA
CVE-2011-2379
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3, when Internet Explorer prior to 9 or Safari prior to 5....
Mozilla Bugzilla 3.4.10
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.4.6
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.11
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.0.8
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.10
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 2.19.3
NA
CVE-2011-2978
Bugzilla 2.16rc1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3 does not prevent changes to the confirmation e-mail address (aka old_email field) for e-mail cha...
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.20.2
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.22.4
NA
CVE-2011-3669
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that upload attachments.
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.23
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.8
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.14.3
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.12
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.18.6\\+
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.5
NA
CVE-2011-3668
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x prior to 4.2rc1 allows remote malicious users to hijack the authentication of arbitrary users for requests that create bug reports.
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.18.9
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.19.2
NA
CVE-2011-3667
The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account se...
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.0.11
Mozilla Bugzilla 3.0.9
Mozilla Bugzilla 3.2.10
Mozilla Bugzilla 3.2.8
Mozilla Bugzilla 3.2.9
Mozilla Bugzilla 3.4.12
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.9
NA
CVE-2011-3657
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when debug mode is used, allow remote malicious users to inject arbitrary web script o...
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.4.5
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.6.5
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.7.3
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.1.3
NA
CVE-2012-1969
The get_attachment_link function in Template.pm in Bugzilla 2.x and 3.x prior to 3.6.10, 3.7.x and 4.0.x prior to 4.0.7, 4.1.x and 4.2.x prior to 4.2.2, and 4.3.x prior to 4.3.2 does not check whether an attachment is private before presenting the attachment description within a ...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.23.1
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.9
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.22.3
NA
CVE-2012-3981
Auth/Verify/LDAP.pm in Bugzilla 2.x and 3.x prior to 3.6.11, 3.7.x and 4.0.x prior to 4.0.8, 4.1.x and 4.2.x prior to 4.2.3, and 4.3.x prior to 4.3.3 does not restrict the characters in a username, which might allow remote malicious users to inject data into an LDAP directory via...
Mozilla Bugzilla 2.18.6\\+
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.20.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.5
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.14.1
Mozilla Bugzilla 2.14.4
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.0
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20.2
NA
CVE-2012-0466
template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x prior to 3.6.9, 3.7.x and 4.0.x prior to 4.0.6, and 4.1.x and 4.2.x prior to 4.2.1 does not properly handle multiple logins, which allows remote malicious users to conduct cross-site scripting (XSS) attacks and obtain ...
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.18.9
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.18.6\\+
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.20.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »