Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla vulnerabilities and exploits
(subscribe to this query)
231
VMScore
CVE-2005-0144
Firefox prior to 1.0 and Mozilla prior to 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Mozilla 1.7
Mozilla Firefox 0.8
Mozilla Mozilla 1.7.3
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Mozilla 1.7.1
Mozilla Mozilla 1.7.2
668
VMScore
CVE-2005-0147
Firefox prior to 1.0 and Mozilla prior to 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote malicious users to steal NTLM or SPNEGO credentials.
Mozilla Mozilla 1.7
Mozilla Mozilla 1.7.1
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 0.8
Mozilla Mozilla 1.7.2
Mozilla Mozilla 1.7.3
1000
VMScore
CVE-2011-2371
Integer overflow in the Array.reduceRight method in Mozilla Firefox prior to 3.6.18 and 4.x up to and including 4.0.1, Thunderbird prior to 3.1.11, and SeaMonkey up to and including 2.0.14 allows remote malicious users to execute arbitrary code via vectors involving a long JavaSc...
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.3
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.5
Mozilla Seamonkey 1.5.0.10
Mozilla Seamonkey 1.5.0.8
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.0.7
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.4
3 EDB exploits
1 Github repository
676
VMScore
CVE-2011-2373
Use-after-free vulnerability in Mozilla Firefox prior to 3.6.18 and 4.x up to and including 4.0.1, Thunderbird prior to 3.1.11, and SeaMonkey up to and including 2.0.14, when JavaScript is disabled, allows remote malicious users to execute arbitrary code via a crafted XUL documen...
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.15
Mozilla Seamonkey 1.1.16
Mozilla Seamonkey 1.1.5
Mozilla Seamonkey 1.1.6
Mozilla Seamonkey 1.5.0.8
Mozilla Seamonkey 1.5.0.9
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.0.8
Mozilla Seamonkey 2.0.9
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.2
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 2.0.3
Mozilla Seamonkey 2.0.4
445
VMScore
CVE-2011-2377
Mozilla Firefox prior to 3.6.18 and 4.x up to and including 4.0.1, Thunderbird prior to 3.1.11, and SeaMonkey up to and including 2.0.14 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a mu...
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.1.16
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.7
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 2.0
Mozilla Seamonkey 2.0.1
Mozilla Seamonkey 2.0.10
Mozilla Seamonkey 2.0.11
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.15
Mozilla Seamonkey 1.1.4
Mozilla Seamonkey 1.1.5
383
VMScore
CVE-2015-0825
Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox prior to 36.0 allows remote malicious users to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during pl...
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.14
605
VMScore
CVE-2015-0826
The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox prior to 36.0 allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read of heap memory) via a crafted Cascading Style Sheets (CSS) token sequence that triggers a...
Mozilla Firefox 34.0.5
Mozilla Firefox 33.0
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.15
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.8
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.1
Mozilla Firefox
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.17
605
VMScore
CVE-2015-0828
Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox prior to 36.0, when a nonstandard memory allocator is used, allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted JavaScr...
Oracle Solaris 11.3
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox 3.6.28
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
445
VMScore
CVE-2015-0830
The WebGL implementation in Mozilla Firefox prior to 36.0 does not properly allocate memory for copying an unspecified string to a shader's compilation log, which allows remote malicious users to cause a denial of service (application crash) via crafted WebGL content.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.23
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.18
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.14
Mozilla Firefox 3.0.13
445
VMScore
CVE-2015-0832
Mozilla Firefox prior to 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle malicious users to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and ...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »