Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
epiphany vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) up to and including 3.28.2.1 allows remote malicious users to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
Gnome Epiphany
1 Github repository
445
VMScore
CVE-2017-1000025
GNOME Web (Epiphany) 3.23 prior to 3.23.5, 3.22 prior to 3.22.6, 3.20 prior to 3.20.7, 3.18 prior to 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
Gnome Epiphany 3.23.1.2
Gnome Epiphany 3.18.0
Gnome Epiphany 3.18.1
Gnome Epiphany 3.18.4
Gnome Epiphany 3.18.6
Gnome Epiphany 3.20.0
Gnome Epiphany 3.20.2
Gnome Epiphany 3.20.4
Gnome Epiphany 3.22.2
Gnome Epiphany 3.22.4
Gnome Epiphany 3.18.2
Gnome Epiphany 3.20.5
Gnome Epiphany 3.20.6
Gnome Epiphany 3.22.0
Gnome Epiphany 3.22.1
Gnome Epiphany 3.18.7
Gnome Epiphany 3.18.8
Gnome Epiphany 3.18.9
Gnome Epiphany 3.18.10
Gnome Epiphany 3.23.1
Gnome Epiphany 3.23.2
Gnome Epiphany 3.23.3
668
VMScore
CVE-2015-6538
The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which allows remote malicious users to conduct LDAP injection attacks, and consequently bypass intended access restrictions, via a crafted URL.
Ephiphanyheathdata Cardio Server 4.1
Ephiphanyheathdata Cardio Server 4.0
Ephiphanyheathdata Cardio Server 3.3
668
VMScore
CVE-2015-6537
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote malicious users to execute arbitrary SQL commands via a crafted URL.
Epiphanyhealthdata Cardio Server 3.3
516
VMScore
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle malicious users to spoof arbitrary https web sites via a crafted ...
Gnome Epiphany 2.28
Gnome Epiphany 2.29
231
VMScore
CVE-2010-2751
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to spoof the SSL security status of a document via vectors involving multi...
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.6
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.3
935
VMScore
CVE-2010-2752
Integer overflow in an array class in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code by placing many Cascading Style Sh...
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.6
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.1
Mozilla Thunderbird 3.1
Mozilla Thunderbird 3.0
Mozilla Thunderbird 3.0.1
Mozilla Thunderbird 3.0.4
Mozilla Thunderbird 3.0.5
Mozilla Thunderbird 3.0.2
Mozilla Thunderbird 3.0.3
Mozilla Seamonkey 1.0.5
1 EDB exploit
828
VMScore
CVE-2010-2753
Integer overflow in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 allows remote malicious users to execute arbitrary code via a large selection attribute in a XUL tree elemen...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird 3.1
Mozilla Thunderbird
Suse Linux Enterprise Desktop 11
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 11
383
VMScore
CVE-2010-1207
Mozilla Firefox prior to 3.6.7 and Thunderbird prior to 3.1.1 do not properly implement read restrictions for CANVAS elements, which allows remote malicious users to obtain sensitive cross-origin information via vectors involving reference retention and node deletion.
Mozilla Firefox 3.6
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.4
Mozilla Firefox
Mozilla Firefox 3.6.3
Mozilla Thunderbird
828
VMScore
CVE-2010-1208
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to execute arbitrary code via vectors related to deletion o...
Mozilla Firefox
Mozilla Seamonkey
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »