Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
origin vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2016-1967
Mozilla Firefox prior to 45.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages history.back and perform...
Mozilla Firefox
NA
CVE-2009-2472
Mozilla Firefox prior to 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross...
Mozilla Firefox
Fedoraproject Fedora 10
Suse Linux Enterprise Debuginfo 10
Suse Linux Enterprise Debuginfo 11
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
8.1
CVSSv3
CVE-2019-6453
mIRC prior to 7.55 allows remote command execution by using argument injection through custom URI protocol handlers. The attacker can specify an irc:// URI that loads an arbitrary .ini file from a UNC share pathname. Exploitation depends on browser-specific URI handling (Chrome i...
Mirc Mirc
3 Github repositories
NA
CVE-2012-5841
Mozilla Firefox prior to 17.0, Firefox ESR 10.x prior to 10.0.11, Thunderbird prior to 17.0, Thunderbird ESR 10.x prior to 10.0.11, and SeaMonkey prior to 2.14 implement cross-origin wrappers with a filtering behavior that does not properly restrict write actions, which allows re...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Thunderbird Esr
Opensuse Opensuse 11.4
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Eus 6.3
Redhat Enterprise Linux Server 5.0
NA
CVE-2012-0475
Mozilla Firefox 4.x up to and including 11.0, Thunderbird 5.0 up to and including 11.0, and SeaMonkey prior to 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote malicious users to bypass an IPv6 literal ACL via a cross-site (...
Mozilla Firefox 4.0.1
Mozilla Firefox 4.0
Mozilla Firefox 5.0.1
Mozilla Firefox 6.0
Mozilla Firefox 9.0
Mozilla Firefox 10.0
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 10.0.1
Mozilla Firefox 10.0.2
Mozilla Firefox 7.0
Mozilla Firefox 8.0
Mozilla Firefox 11.0
Mozilla Firefox 5.0
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 10.0.2
Mozilla Thunderbird 10.0.3
Mozilla Thunderbird 10.0.4
NA
CVE-2009-3375
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x prior to 3.0.15 and 3.5.x prior to 3.5.4 allows user-assisted remote malicious users to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection function.
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.9
7.8
CVSSv3
CVE-2019-1636
A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an malicious user to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An a...
Cisco Webex Teams 3.0.4533
1 Article
NA
CVE-2008-2800
Mozilla Firefox prior to 2.0.0.15 and SeaMonkey prior to 1.1.10 allow remote malicious users to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded...
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0.0.9
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.8
Mozilla Firefox
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.11
Mozilla Firefox 2.0.0.7
Mozilla Firefox 2.0.0.8
Mozilla Seamonkey 1.1.6
Mozilla Seamonkey 1.1.7
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.3
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.5
Mozilla Firefox 2.0.0.6
NA
CVE-2007-6574
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 1.8.4 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the origin parameter to work/work.php in a display_upload_form action, or the forum parameter to (2) forum/viewfor...
Dokeos Open Source Learning And Knowledge Management Tool 1.5.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5.5
Dokeos Open Source Learning And Knowledge Management Tool 1.6.4
Dokeos Open Source Learning And Knowledge Management Tool 1.6.5
Dokeos Open Source Learning And Knowledge Management Tool 1.4
Dokeos Open Source Learning And Knowledge Management Tool 1.5
Dokeos Open Source Learning And Knowledge Management Tool 1.5.3
Dokeos Open Source Learning And Knowledge Management 1.8
Dokeos Open Source Learning And Knowledge Management 1.8.4
Dokeos Open Source Learning And Knowledge Management Tool 1.8
Dokeos Open Source Learning And Knowledge Management Tool 1.8.4
3 EDB exploits
5.4
CVSSv3
CVE-2015-8688
Gajim prior to 0.16.5 allows remote malicious users to modify the roster and intercept messages via a crafted roster-push IQ stanza.
Gajim Gajim
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »