Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 11.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-43538
By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2021-43539
Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Thunderbird...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2021-43545
Using the Location API in a loop could have caused severe application hangs and crashes. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2021-43546
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2012-3973
The debugger in the developer-tools subsystem in Mozilla Firefox prior to 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote malicious users to execute arbitrary code by leveraging the presence of the HT...
Mozilla Firefox 12.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 5.0
Mozilla Firefox 13.0
Mozilla Firefox
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 6.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.6.25
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.8
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.2
Mozilla Firefox 3.0.11
NA
CVE-2012-3965
Mozilla Firefox prior to 15.0 does not properly restrict navigation to the about:newtab page, which allows remote malicious users to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window.
Mozilla Firefox 11.0
Mozilla Firefox 10.0.2
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 4.0
Mozilla Firefox 3.0.5
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.6.17
Mozilla Firefox 3.0.9
Mozilla Firefox 3.6.20
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.6
Mozilla Firefox 2.0.0.17
Mozilla Firefox 2.0.0.10
NA
CVE-2012-5837
The Web Developer Toolbar in Mozilla Firefox prior to 17.0 executes script with chrome privileges, which allows user-assisted remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted string.
Mozilla Firefox 14.0.1
Mozilla Firefox 14.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox
Mozilla Firefox 13.0
Mozilla Firefox 13.0.1
Mozilla Firefox 12.0
Mozilla Firefox 9.0
Mozilla Firefox 8.0.1
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.23
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.7
NA
CVE-2012-4203
The New Tab page in Mozilla Firefox prior to 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote malicious users to run arbitrary programs by leveraging a javascript: URL in a bookmark.
Mozilla Firefox
Mozilla Firefox 16.0.1
Mozilla Firefox 13.0.1
Mozilla Firefox 12.0
Mozilla Firefox 9.0
Mozilla Firefox 8.0.1
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.23
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.14
Mozilla Firefox 3.0.10
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.9
NA
CVE-2012-4190
The FT2FontEntry::CreateFontEntry function in FreeType, as used in the Android build of Mozilla Firefox prior to 16.0.1 on CyanogenMod 10, allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...
Mozilla Firefox 14.0.1
Mozilla Firefox 13.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 5.0
Mozilla Firefox 4.0
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.25
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.5
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.7
Mozilla Firefox 3.5.15
Mozilla Firefox 3.0.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.9
Mozilla Firefox 2.0.0.14
6.5
CVSSv3
CVE-2023-6865
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »