Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 11.0 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-6867
The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear....
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.5
CVSSv3
CVE-2023-6865
`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR < 115.6 and Firefox < 121.
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
NA
CVE-2012-4190
The FT2FontEntry::CreateFontEntry function in FreeType, as used in the Android build of Mozilla Firefox prior to 16.0.1 on CyanogenMod 10, allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...
Mozilla Firefox 14.0.1
Mozilla Firefox 13.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 5.0
Mozilla Firefox 4.0
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.25
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.5
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.7
Mozilla Firefox 3.5.15
Mozilla Firefox 3.0.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.9
Mozilla Firefox 2.0.0.14
NA
CVE-2012-3987
Mozilla Firefox prior to 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote malicious users to bypass intended access restrictions via a crafted web site.
Mozilla Firefox 14.0
Mozilla Firefox 13.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 6.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.6.25
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.8
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.11
Mozilla Firefox 3.0.11
Mozilla Firefox 3.6.9
Mozilla Firefox 3.0.10
NA
CVE-2013-0790
Unspecified vulnerability in the browser engine in Mozilla Firefox prior to 20.0 on Android allows remote malicious users to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in.
Mozilla Firefox 18.0
Mozilla Firefox 18.0.1
Mozilla Firefox 15.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 10.0.2
Mozilla Firefox 10.0
Mozilla Firefox 7.0
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 4.0
Mozilla Firefox 3.6.21
Mozilla Firefox 18.0.2
Mozilla Firefox 17.0.1
Mozilla Firefox 17.0
Mozilla Firefox 14.0
Mozilla Firefox 13.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 5.0
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.2
NA
CVE-2012-4206
Untrusted search path vulnerability in the installer in Mozilla Firefox prior to 17.0 and Firefox ESR 10.x prior to 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.
Mozilla Firefox 16.0
Mozilla Firefox 16.0.1
Mozilla Firefox 15.0
Mozilla Firefox 12.0
Mozilla Firefox 11.0
Mozilla Firefox 8.0
Mozilla Firefox 7.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.1
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6
Mozilla Firefox 3.6.11
Mozilla Firefox 3.5.14
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
NA
CVE-2015-0832
Mozilla Firefox prior to 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle malicious users to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and ...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.1
NA
CVE-2015-0834
The WebRTC subsystem in Mozilla Firefox prior to 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle malicious users to discover credentials by spoofing a server and completing a brute-force at...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.15
NA
CVE-2015-0835
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 36.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox 33.0
Mozilla Firefox 32.0
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.8
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.11
Mozilla Firefox 27.0.1
Mozilla Firefox 27.0
1 Article
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 24.1.1
Mozilla Firefox 24.1
Mozilla Firefox 20.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »