Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-4567
Mozilla Firefox prior to 1.5.0.7 and Thunderbird prior to 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted malicious users to use DNS spoofing to trick users into visiting a malicious site and...
Mozilla Firefox
Mozilla Thunderbird
6.8
CVSSv2
CVE-2019-11712
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an malicious user to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
9.3
CVSSv2
CVE-2007-1092
Mozilla Firefox 1.5.0.9 and 2.0.0.1, and SeaMonkey prior to 1.0.8 allow remote malicious users to execute arbitrary code via JavaScript onUnload handlers that modify the structure of a document, wich triggers memory corruption due to the lack of a finalize hook on DOM window obje...
Mozilla Firefox 1.5.0.9
Mozilla Firefox 2.0.0.1
Mozilla Seamonkey
4
CVSSv2
CVE-2006-4340
Mozilla Network Security Service (NSS) library prior to 3.11.3, as used in Mozilla Firefox prior to 1.5.0.7, Thunderbird prior to 1.5.0.7, and SeaMonkey prior to 1.0.5, when using an RSA key with exponent 3, does not properly handle extra data in a signature, which allows remote ...
Mozilla Seamonkey
Mozilla Network Security Services
Mozilla Firefox
Mozilla Thunderbird
4.3
CVSSv2
CVE-2016-1958
browser/base/content/browser.js in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to spoof the address bar via a javascript: URL.
Oracle Linux 5.0
Oracle Linux 6
Oracle Linux 7
Opensuse Opensuse 13.1
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
5
CVSSv2
CVE-2006-4566
Mozilla Firefox prior to 1.5.0.7, Thunderbird prior to 1.5.0.7, and SeaMonkey prior to 1.0.5 allows remote malicious users to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ("[\\&quo...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Seamonkey
9.3
CVSSv2
CVE-2006-4565
Heap-based buffer overflow in Mozilla Firefox prior to 1.5.0.7, Thunderbird prior to 1.5.0.7, and SeaMonkey prior to 1.0.5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a JavaScript regular expression with a "minim...
Mozilla Thunderbird
Mozilla Firefox
Mozilla Seamonkey
7.5
CVSSv2
CVE-2004-0826
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote malicious users to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Mozilla Network Security Services 3.2
Mozilla Network Security Services 3.2.1
Mozilla Network Security Services 3.5
Mozilla Network Security Services 3.6
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.8
Netscape Directory Server 4.11
Netscape Directory Server 4.13
Netscape Enterprise Server 3.0.7a
Netscape Enterprise Server 3.0l
Mozilla Network Security Services 3.4.1
Mozilla Network Security Services 3.4.2
Mozilla Network Security Services 3.7.3
Mozilla Network Security Services 3.7.5
Netscape Directory Server 3.12
Netscape Directory Server 4.1
Netscape Enterprise Server 3.0.1
Netscape Enterprise Server 3.0.1b
Netscape Enterprise Server 3.5
Netscape Enterprise Server 3.5.1
Netscape Enterprise Server 4.1.1
Netscape Enterprise Server 4.1
6.8
CVSSv2
CVE-2016-1966
The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRuntime.cpp in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to execute arbitrary code or cause a denial of service (invalid pointer dereference and memory corrupt...
Oracle Linux 5.0
Oracle Linux 7
Oracle Linux 6
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
Mozilla Thunderbird
Opensuse Opensuse 13.1
7.5
CVSSv2
CVE-2019-11713
A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »