Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 11.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-38496
During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.1...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2021-38500
Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thun...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.9
CVSSv3
CVE-2021-38502
Thunderbird ignored the configuration to require STARTTLS security for an SMTP connection. A MITM could perform a downgrade attack to intercept transmitted messages, or could take control of the authenticated session to execute SMTP commands chosen by the MITM. If an unprotected ...
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
3.7
CVSSv3
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
Mozilla Firefox 8.0
Mozilla Firefox 3.0.9
NA
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
NA
CVE-2015-0821
Mozilla Firefox prior to 36.0 allows user-assisted remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
Mozilla Firefox 8.0
Mozilla Firefox 3.0.9
NA
CVE-2015-0822
The Form Autocompletion feature in Mozilla Firefox prior to 36.0, Firefox ESR 31.x prior to 31.5, and Thunderbird prior to 31.5 allows remote malicious users to read arbitrary files via crafted JavaScript code.
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 1.5.2
Mozilla Firefox 15.0.1
Mozilla Firefox 8.0
Mozilla Firefox 3.0.9
NA
CVE-2015-0823
Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox prior to 36.0, might allow remote malicious users to trigger problematic Developer Console information or possibly have unspecified other impact by leveraging incorrect macro expansion, rela...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Opentype Sanitiser Project Opentype Sanitiser
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
Mozilla Firefox 3.0.7
NA
CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox prior to 36.0 allows remote malicious users to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo l...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Mozilla Firefox 13.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 18.0
Mozilla Firefox 0.1
Mozilla Firefox 10.0.7
Mozilla Firefox 4.0
Mozilla Firefox 3.6.2
Mozilla Firefox 19.0
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 3.5.18
Mozilla Firefox 1.5
Mozilla Firefox 3.6.28
Mozilla Firefox 3.0.17
Mozilla Firefox 3.5.3
Mozilla Firefox 26.0
Mozilla Firefox 18.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »