Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 3.3.2 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2009-0486
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote malicious users to bypass cross-site reques...
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.2.1
668
VMScore
CVE-2009-3125
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 up to and including 3.4.1, and 3.5, allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
605
VMScore
CVE-2009-1213
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 prior to 3.2.3, 3.3 prior to 3.3.4, and previous versions versions allows remote malicious users to hijack the authentication of arbitrary users for requests that use attachment editing.
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.2.2
Mozilla Bugzilla 3.3
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.3.1
445
VMScore
CVE-2009-3386
Template.pm in Bugzilla 3.3.2 up to and including 3.4.3 and 3.5 up to and including 3.5.1 allows remote malicious users to discover the alias of a private bug by reading the (1) Depends On or (2) Blocks field of a related bug.
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
445
VMScore
CVE-2009-3387
Bugzilla 3.3.1 up to and including 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote malicious users to obtain sensitive information via a request for a bug in oppo...
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.2
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.3.1
668
VMScore
CVE-2009-3165
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 up to and including 3.0.8, 3.1.1 up to and including 3.2.4, and 3.3.1 up to and including 3.4.1 allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.1.4
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.2.2
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.0.8
356
VMScore
CVE-2010-2759
Bugzilla 2.23.1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticate...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 2.23.4
578
VMScore
CVE-2010-2757
The sudo feature in Bugzilla 2.22rc1 up to and including 3.2.7, 3.3.1 up to and including 3.4.7, 3.5.1 up to and including 3.6.1, and 3.7 up to and including 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to imperson...
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 3.7.2
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.7.1
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 3.6
Mozilla Bugzilla 2.22.6
516
VMScore
CVE-2009-0485
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote malicious users to delete unused flag types via a link or IMG tag to editflagtypes.cgi.
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0
Mozilla Bugzilla 2.18.6+
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 3.2
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.22.2
516
VMScore
CVE-2009-0482
Cross-site request forgery (CSRF) vulnerability in Bugzilla prior to 3.2 prior to 3.2.1, 3.3 prior to 3.3.2, and other versions prior to 3.2 allows remote malicious users to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 3.0.0
Mozilla Bugzilla 2.16 Rc2
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 2.18.8
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.17.2
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.16.2
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.20.5
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.3
Mozilla Bugzilla 2.22.6
Mozilla Bugzilla 2.17.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »