Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
build environment vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2007-3737
Mozilla Firefox prior to 2.0.0.5 allows remote malicious users to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."
Mozilla Firefox 2.0.0.2
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.1
605
VMScore
CVE-2007-3656
Mozilla Firefox prior to 1.8.0.13 and 1.8.1.x prior to 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote malicious users to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) H...
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.8
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 1.5.6
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.7
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.0.3
NA
CVE-2023-24540
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during exe...
Golang Go
3 Github repositories
NA
CVE-2023-29403
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is execute...
Golang Go
Fedoraproject Fedora 38
1 Github repository
NA
CVE-2023-24538
Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the act...
Golang Go
2 Github repositories
NA
CVE-2023-24539
Angle brackets (<>) are not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character can result in unexpectedly closing the CSS context and allowing for injection of unexpected HTML, if exe...
Golang Go
1 Github repository
383
VMScore
CVE-2007-3089
Mozilla Firefox prior to 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote malicious users to display arbitrary HTML or execute certain JavaScript code, as demonstrated by ...
Mozilla Firefox 0.8
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 2.0.0.2
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.11
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
Mozilla Firefox
Mozilla Firefox 1.5.6
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.7
Mozilla Firefox 2.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.5.0.8
NA
CVE-2022-41723
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Golang Go
Golang Go 1.20.0
Golang Http2
Golang Hpack
2 Github repositories
828
VMScore
CVE-2007-3735
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox prior to 2.0.0.5 and Thunderbird prior to 2.0.0.5 allow remote malicious users to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
Mozilla Thunderbird 2.0.0.4
Mozilla Firefox 2.0.0.2
Mozilla Thunderbird 2.0.0.3
Mozilla Thunderbird 2.0.0.2
Mozilla Thunderbird 2.0.0.0
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.1
Mozilla Thunderbird 2.0.0.1
828
VMScore
CVE-2007-3734
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 2.0.0.5 and Thunderbird prior to 2.0.0.5 allow remote malicious users to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
Mozilla Thunderbird 2.0.0.4
Mozilla Firefox 2.0.0.2
Mozilla Thunderbird 2.0.0.3
Mozilla Thunderbird 2.0.0.2
Mozilla Thunderbird 2.0.0.0
Mozilla Firefox 2.0
Mozilla Firefox 2.0.0.3
Mozilla Firefox 2.0.0.4
Mozilla Firefox 2.0.0.1
Mozilla Thunderbird 2.0.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »