Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox esr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1586
content/base/src/nsDocument.cpp in Mozilla Firefox prior to 33.0, Firefox ESR 31.x prior to 31.2, and Thunderbird 31.x prior to 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote malicious users to obtain sensitive information from the local cam...
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox
Mozilla Thunderbird 31.0
Mozilla Thunderbird 31.1.0
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.0
NA
CVE-2011-3062
Off-by-one error in the OpenType Sanitizer in Google Chrome prior to 18.0.1025.142 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.
Google Chrome
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
NA
CVE-2013-1726
Mozilla Updater in Mozilla Firefox prior to 24.0, Firefox ESR 17.x prior to 17.0.9, Thunderbird prior to 24.0, Thunderbird ESR 17.x prior to 17.0.9, and SeaMonkey prior to 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain privileges by creating...
Mozilla Thunderbird Esr 17.0.7
Mozilla Thunderbird Esr 17.0
Mozilla Thunderbird Esr 17.0.8
Mozilla Thunderbird Esr 17.0.4
Mozilla Thunderbird Esr 17.0.3
Mozilla Thunderbird Esr 17.0.2
Mozilla Thunderbird Esr 17.0.1
Mozilla Thunderbird Esr 17.0.6
Mozilla Thunderbird Esr 17.0.5
Mozilla Thunderbird 17.0.5
Mozilla Thunderbird 17.0.6
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird 17.0.4
Mozilla Thunderbird 17.0.7
Mozilla Thunderbird 17.0
Mozilla Thunderbird 17.0.8
Mozilla Thunderbird
Mozilla Firefox 19.0.2
Mozilla Firefox
Mozilla Firefox 23.0
NA
CVE-2015-4475
The mozilla::AudioSink function in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read) via a ...
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox
Mozilla Firefox Esr 38.0
Canonical Ubuntu Linux 15.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
5.9
CVSSv3
CVE-2020-12413
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.
Mozilla Firefox
Mozilla Firefox Esr
9.8
CVSSv3
CVE-2019-11733
When a master password is set, it is required to be entered again before stored passwords can be accessed in the 'Saved Logins' dialog. It was found that locally stored passwords can be copied to the clipboard thorough the 'copy password' context menu item wit...
Mozilla Firefox
Mozilla Firefox Esr
6.5
CVSSv3
CVE-2019-11747
The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on...
Mozilla Firefox
Mozilla Firefox Esr
6.5
CVSSv3
CVE-2019-11748
WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This ...
Mozilla Firefox
Mozilla Firefox Esr
4.3
CVSSv3
CVE-2019-11749
A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of...
Mozilla Firefox Esr
Mozilla Firefox
6.5
CVSSv3
CVE-2023-4052
The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbo...
Mozilla Firefox
Mozilla Firefox Esr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »