Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firefox_esr vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-12381
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating syst...
Mozilla Firefox Esr
Mozilla Firefox
5.3
CVSSv3
CVE-2017-7763
Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
Debian Debian Linux 9.0
Debian Debian Linux 8.0
5.3
CVSSv3
CVE-2017-7782
An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerab...
Mozilla Thunderbird
Mozilla Firefox Esr
Mozilla Firefox
5.3
CVSSv3
CVE-2017-7825
Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vul...
Debian Debian Linux 7.0
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
4.7
CVSSv3
CVE-2020-6827
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vul...
Mozilla Firefox Esr
4.3
CVSSv3
CVE-2023-5726
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. *Note: This issue only affected macOS operating systems. Other operating systems are unaffected.* This vulnerability affe...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
4.3
CVSSv3
CVE-2020-6797
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, l...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
NA
CVE-2015-7178
The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, mishandles shader access, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory cor...
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
NA
CVE-2015-7179
The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote malicious users to execute arbitrary c...
Mozilla Firefox
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
NA
CVE-2015-4505
updater.exe in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »