Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla nss vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-11715
Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
1.2
CVSSv2
CVE-2020-12402
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the rec...
Mozilla Firefox
Opensuse Leap 15.1
Fedoraproject Fedora 32
Opensuse Leap 15.2
Debian Debian Linux 9.0
6.8
CVSSv2
CVE-2016-1952
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vector...
Oracle Linux 6
Oracle Linux 5.0
Oracle Linux 7
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Novell Suse Package Hub For Suse Linux Enterprise 12
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
6.8
CVSSv2
CVE-2007-0994
A regression error in Mozilla Firefox 2.x prior to 2.0.0.2 and 1.x prior to 1.5.0.10, and SeaMonkey 1.1 prior to 1.1.1 and 1.0 prior to 1.0.8, allows remote malicious users to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI in an (1) img, ...
Mozilla Seamonkey
Mozilla Firefox
Debian Debian Linux 3.1
6.8
CVSSv2
CVE-2016-1960
Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to execute arbitrary code or cause a denial of service (use-after-free) by leveraging mishandling of end ...
Oracle Linux 5.0
Oracle Linux 6
Oracle Linux 7
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Thunderbird
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Suse Linux Enterprise 12.0
Opensuse Leap 42.1
2 EDB exploits
4.3
CVSSv2
CVE-2016-1957
Memory leak in libstagefright in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 allows remote malicious users to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Opensuse 13.1
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Oracle Linux 7
Oracle Linux 5.0
Oracle Linux 6
NA
CVE-2023-25734
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.8
CVSSv2
CVE-2016-1954
The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote malicious users to c...
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.0
Mozilla Thunderbird
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Novell Suse Package Hub For Suse Linux Enterprise 12
Opensuse Leap 42.1
Oracle Linux 6
Oracle Linux 5.0
Oracle Linux 7
10
CVSSv2
CVE-2006-4571
Multiple unspecified vulnerabilities in Firefox prior to 1.5.0.7, Thunderbird prior to 1.5.0.7, and SeaMonkey prior to 1.0.5 allow remote malicious users to cause a denial of service (crash), corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of whi...
Mozilla Seamonkey
Mozilla Thunderbird
NA
CVE-2023-25728
The <code>Content-Security-Policy-Report-Only</code> header could allow an malicious user to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firef...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »