Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox focus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5340
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox prior to 2.0.0.8, Thunderbird prior to 2.0.0.8, and SeaMonkey prior to 1.1.5 allow remote malicious users to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
Mozilla Seamonkey
Mozilla Thunderbird
Mozilla Firefox
NA
CVE-2008-0594
Mozilla Firefox prior to 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote malicious users to conduct phishing attacks.
Mozilla Firefox
NA
CVE-2007-5338
Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 allow remote malicious users to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
Mozilla Seamonkey
Mozilla Firefox
NA
CVE-2007-5337
Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote malicious users to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which...
Gnome Gnome-vfs
Mozilla Firefox
Mozilla Seamonkey
8.8
CVSSv3
CVE-2023-25746
Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 10...
Mozilla Firefox Esr
Mozilla Thunderbird
NA
CVE-2007-2292
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 allows remote malicious users to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
Mozilla Firefox
Mozilla Seamonkey
Microsoft Internet Explorer 7.0.5730.11
8.8
CVSSv3
CVE-2023-25731
Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.
Mozilla Firefox
NA
CVE-2024-1563
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS < 122.
NA
CVE-2024-2609
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
6.5
CVSSv3
CVE-2018-12373
dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9.
Mozilla Thunderbird
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux 7.5
Redhat Enterprise Linux 7.6
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7