Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firefox mobile vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-38476
A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunder...
Mozilla Thunderbird
Mozilla Firefox Esr
1 Article
6.5
CVSSv3
CVE-2022-1097
<code>NSSToken</code> objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and F...
Mozilla Firefox Esr
Mozilla Thunderbird
Mozilla Firefox
1 Article
5.6
CVSSv3
CVE-2017-5715
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
47 Github repositories
9 Articles
5.6
CVSSv3
CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Intel Atom C C2308
Intel Atom C C2316
Intel Atom C C2338
Intel Atom C C2350
Intel Atom C C2358
Intel Atom C C2508
Intel Atom C C2516
Intel Atom C C2518
Intel Atom C C2530
Intel Atom C C2538
Intel Atom C C2550
Intel Atom C C2558
Intel Atom C C2718
Intel Atom C C2730
Intel Atom C C2738
Intel Atom C C2750
Intel Atom C C2758
Intel Atom C C3308
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3538
Intel Atom C C3558
1 EDB exploit
42 Github repositories
9 Articles
5.6
CVSSv3
CVE-2017-5754
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Intel Pentium N N3700
Intel Pentium N N3710
Intel Celeron N N3000
Intel Celeron N N3010
Intel Celeron N N3050
Intel Celeron N N2930
Intel Celeron N N2920
Intel Celeron N N2808
Intel Celeron N N2807
Intel Celeron J J3060
Intel Celeron J J1900
Intel Atom X3 C3295rk
Intel Atom X3 C3235rk
Intel Atom Z Z3775d
Intel Atom Z Z3775
Intel Atom Z Z3736f
Intel Atom Z Z3735g
Intel Atom Z Z3560
Intel Atom Z Z3530
Intel Atom Z Z2480
Intel Atom Z Z2460
Intel Atom C C3308
41 Github repositories
8 Articles
4.8
CVSSv3
CVE-2018-10229
A hardware vulnerability in GPU memory modules allows malicious users to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
Mozilla Firefox -
Google Chrome -
Lg Nexus 5 -
1 Github repository
NA
CVE-2024-29944
An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox...
2 Articles
NA
CVE-2012-1131
FreeType prior to 2.4.9, as used in Mozilla Firefox Mobile prior to 10.0.4 and other products, on 64-bit platforms allows remote malicious users to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related...
Freetype Freetype 2.0.3
Freetype Freetype 2.4.0
Freetype Freetype 2.4.2
Mozilla Firefox Mobile 4.0
Freetype Freetype 2.3.6
Freetype Freetype
Freetype Freetype 2.1.9
Freetype Freetype 2.1.10
Freetype Freetype 2.3.4
Freetype Freetype 2.0.1
Freetype Freetype 2.3.5
Mozilla Firefox Mobile 8.0
Mozilla Firefox Mobile 10.0.1
Mozilla Firefox Mobile 7.0
Freetype Freetype 2.1
Freetype Freetype 2.1.5
Freetype Freetype 2.3.10
Mozilla Firefox Mobile 10.0.2
Freetype Freetype 1.3.1
Mozilla Firefox Mobile 6.0.2
Freetype Freetype 2.4.4
Freetype Freetype 2.4.6
NA
CVE-2012-1138
FreeType prior to 2.4.9, as used in Mozilla Firefox Mobile prior to 10.0.4 and other products, allows remote malicious users to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruct...
Mozilla Firefox Mobile 10.0.2
Mozilla Firefox Mobile 10.0.1
Mozilla Firefox Mobile 6.0
Mozilla Firefox Mobile 5.0
Freetype Freetype 2.3.9
Freetype Freetype 2.1
Freetype Freetype 2.4.2
Freetype Freetype 2.3.8
Freetype Freetype 2.3.10
Freetype Freetype 2.3.1
Freetype Freetype 2.3.3
Freetype Freetype 2.1.7
Freetype Freetype 2.2.1
Freetype Freetype 2.0.6
Freetype Freetype 2.0.2
Freetype Freetype 2.0.1
Mozilla Firefox Mobile 8.0
Mozilla Firefox Mobile 7.0
Mozilla Firefox Mobile 4.0
Freetype Freetype 2.3.5
Freetype Freetype 2.4.7
Freetype Freetype 2.3.2
NA
CVE-2012-1126
FreeType prior to 2.4.9, as used in Mozilla Firefox Mobile prior to 10.0.4 and other products, allows remote malicious users to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font...
Freetype Freetype 2.0.3
Freetype Freetype 2.4.0
Freetype Freetype 2.4.2
Mozilla Firefox Mobile 4.0
Freetype Freetype 2.3.6
Freetype Freetype
Freetype Freetype 2.1.9
Freetype Freetype 2.1.10
Freetype Freetype 2.3.4
Freetype Freetype 2.0.1
Freetype Freetype 2.3.5
Mozilla Firefox Mobile 8.0
Mozilla Firefox Mobile 10.0.1
Mozilla Firefox Mobile 7.0
Freetype Freetype 2.1
Freetype Freetype 2.1.5
Freetype Freetype 2.3.10
Mozilla Firefox Mobile 10.0.2
Freetype Freetype 1.3.1
Mozilla Firefox Mobile 6.0.2
Freetype Freetype 2.4.4
Freetype Freetype 2.4.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »