Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gareth heyes vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4066
Mozilla Firefox 2.0.0.14, and other versions prior to 2.0.0.17, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a &qu...
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.16
NA
CVE-2008-5023
Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
Mozilla Firefox
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
NA
CVE-2008-5018
The JavaScript engine in Mozilla Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to cause a denial of service (crash) via vectors related to "insufficient class chec...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
NA
CVE-2008-3835
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox prior to 2.0.0.17, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors.
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.13
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey
Mozilla Thunderbird 2.0.0.1
Mozilla Firefox 0.8
Mozilla Firefox 0.10.1
NA
CVE-2008-3836
feedWriter in Mozilla Firefox prior to 2.0.0.17 allows remote malicious users to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI funct...
Mozilla Firefox 0.9 Rc
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 1.5
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.8
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.11
Mozilla Firefox
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
Mozilla Firefox 1.5.6
Mozilla Firefox 2.0.0.15
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.7
NA
CVE-2008-3837
Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, and SeaMonkey prior to 1.1.12, allow user-assisted remote malicious users to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown actio...
Mozilla Firefox
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
NA
CVE-2008-4058
The XPConnect component in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors r...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
NA
CVE-2008-4059
The XPConnect component in Mozilla Firefox prior to 2.0.0.17 allows remote malicious users to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.12
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 2.0.0.13
Mozilla Firefox
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.6
Mozilla Firefox 2.0.0.1
Mozilla Firefox 2.0
Mozilla Firefox 0.10
Mozilla Firefox 0.8
Mozilla Firefox 1.0.3
Mozilla Firefox 0.9
Mozilla Firefox 1.5
Mozilla Firefox 1.0.8
NA
CVE-2008-4060
Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allow remote malicious users to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to (1)...
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.13
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey
Mozilla Thunderbird 2.0.0.1
Mozilla Thunderbird 1.5.1
Mozilla Thunderbird 2.0.0.12
Mozilla Thunderbird 1.0.2
NA
CVE-2008-4061
Integer overflow in the MathML component in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly exec...
Mozilla Thunderbird
Mozilla Seamonkey
Mozilla Firefox
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »