Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 11.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2023-5725
A malicious installed WebExtension could open arbitrary URLs, which under the right circumstance could be leveraged to collect sensitive user data. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2022-46877
By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.
Mozilla Firefox
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2021-38506
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR &l...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2021-43538
By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2021-43546
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird < 91.4.0, Firefox ESR < 91.4.0, and Firefox < 95.
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2021-38508
By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability a...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv3
CVE-2021-38509
Due to an unusual sequence of attacker-controlled events, a Javascript alert() dialog with arbitrary (although unstyled) contents could be displayed over top an uncontrolled webpage of the attacker's choosing. This vulnerability affects Firefox < 94, Thunderbird < 91.3...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
3.7
CVSSv3
CVE-2015-4000
The TLS protocol 1.2 and previous versions, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle malicious users to conduct cipher-downgrade attacks by rewriting a ClientHello with D...
Openssl Openssl
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 15.04
Hp Hp-ux B.11.31
Ibm Content Manager 8.5
Oracle Jrockit R28.3.6
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Oracle Jdk 1.8.0
Oracle Jre 1.7.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Suse Linux Enterprise Server 11.0
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Suse Suse Linux Enterprise Server 12
Apple Mac Os X
Apple Iphone Os
1 Nmap script
4 Github repositories
1 Article
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 24.1.1
Mozilla Firefox 24.1
Mozilla Firefox 20.0
NA
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 25.0
Mozilla Firefox 24.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »