Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
michal zalewski vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5022
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the same-origin policy and execute arbitrary script via mul...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
NA
CVE-2008-5024
Mozilla Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 do not properly escape quote characters used for XML processing, which allows remote malicious users to conduct XML injection attacks via the de...
Mozilla Seamonkey
Mozilla Firefox
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
NA
CVE-2008-5013
Mozilla Firefox 2.x prior to 2.0.0.18 and SeaMonkey 1.x prior to 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote malicious users to execute arbitrary code via a crafted SWF file that "dynamically unloads itself f...
Mozilla Firefox 0.9.2
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.3
Mozilla Firefox 2.0.0.12
Mozilla Firefox 0.10
Mozilla Firefox 1.0
Mozilla Firefox 0.9
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.1
Mozilla Firefox 1.5.2
Mozilla Firefox 1.8
Mozilla Firefox 1.5.8
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.16
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0.0.9
NA
CVE-2008-4582
Mozilla Firefox 3.0.1 up to and including 3.0.3, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote malicious users to bypass the Same Or...
Debian Debian Linux 4.0
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.3
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.12
Mozilla Firefox 2.0.0.13
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0.0.16
Mozilla Firefox 2.0.0.17
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.11
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 7.10
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.1
1 EDB exploit
NA
CVE-2008-0017
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 does not check for an allocation failure, which allows remote malicious users to cause a denial of service (crash) and possibl...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Debian Debian Linux 4.0
Debian Debian Linux 5.0
NA
CVE-2007-5338
Mozilla Firefox prior to 2.0.0.8 and SeaMonkey prior to 1.1.5 allow remote malicious users to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
Mozilla Firefox
Mozilla Seamonkey
NA
CVE-2005-0469
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote malicious users to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
Ncsa Telnet
NA
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 1.14.2
Gnu Bash 1.14.3
Gnu Bash 2.01.1
Gnu Bash 2.02
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.3
Gnu Bash 1.14.6
Gnu Bash 1.14.7
Gnu Bash 2.04
Gnu Bash 2.05
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.0
Gnu Bash 1.14.1
Gnu Bash 2.0
Gnu Bash 2.01
Gnu Bash 4.1
Gnu Bash 4.2
Gnu Bash 1.14.4
Gnu Bash 1.14.5
Gnu Bash 2.02.1
3 EDB exploits
4 Github repositories
NA
CVE-2008-4058
The XPConnect component in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors r...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
NA
CVE-2008-4062
Multiple unspecified vulnerabilities in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute a...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »