Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
carsten book vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2016-1947
Mozilla Firefox 43.x mishandles attempts to connect to the Application Reputation service, which makes it easier for remote malicious users to trigger an unintended download by leveraging the absence of reputation data.
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 43.0
Mozilla Firefox 43.0.4
Mozilla Firefox 43.0.3
Mozilla Firefox 43.0.2
Mozilla Firefox 43.0.1
NA
CVE-2014-1489
Mozilla Firefox prior to 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote malicious users to cause a denial of service (session restore) via a crafted web site.
Oracle Solaris 11.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Mozilla Firefox 0.4
Mozilla Firefox 0.5
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
Mozilla Firefox
Mozilla Firefox 0.1
Mozilla Firefox 0.6
Mozilla Firefox 0.6.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
NA
CVE-2014-1526
The XrayWrapper implementation in Mozilla Firefox prior to 29.0 and SeaMonkey prior to 2.26 allows user-assisted remote malicious users to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM...
Mozilla Firefox
Mozilla Seamonkey
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Canonical Ubuntu Linux 14.04
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Fedoraproject Fedora 19
5.3
CVSSv3
CVE-2016-1939
Mozilla Firefox prior to 44.0 stores cookies with names containing vertical tab characters, which allows remote malicious users to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208.
Opensuse Opensuse 13.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Mozilla Firefox
NA
CVE-2015-4518
The Reader View implementation in Mozilla Firefox prior to 42.0 has an improper whitelist, which makes it easier for remote malicious users to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG an...
Mozilla Firefox
NA
CVE-2014-1584
The Public Key Pinning (PKP) implementation in Mozilla Firefox prior to 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote malicious users to bypass an intended pinning configuration and spoof a web site via a crafted certifi...
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox
6.1
CVSSv3
CVE-2016-1937
The protocol-handler dialog in Mozilla Firefox prior to 44.0 allows remote malicious users to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.
Mozilla Firefox
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
9.8
CVSSv3
CVE-2016-1944
The Buffer11::NativeBuffer11::map function in ANGLE, as used in Mozilla Firefox prior to 44.0, might allow remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Mozilla Firefox 43.0.4
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
8.8
CVSSv3
CVE-2016-1945
The nsZipArchive function in Mozilla Firefox prior to 44.0 might allow remote malicious users to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive.
Mozilla Firefox 43.0.4
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
6.5
CVSSv3
CVE-2016-2816
Mozilla Firefox prior to 46.0 allows remote malicious users to bypass the Content Security Policy (CSP) protection mechanism via the multipart/x-mixed-replace content type.
Mozilla Firefox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »