Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firefox_esr vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-7178
The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, mishandles shader access, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory cor...
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
NA
CVE-2015-7179
The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote malicious users to execute arbitrary c...
Mozilla Firefox
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
NA
CVE-2015-4505
updater.exe in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
NA
CVE-2014-1595
Mozilla Firefox prior to 34.0, Firefox ESR 31.x prior to 31.3, and Thunderbird prior to 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp file...
Mozilla Firefox Esr 31.2
Mozilla Firefox Esr 31.1.1
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.0
Mozilla Thunderbird
Mozilla Firefox
NA
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox prior to 31.0, Firefox ESR 24.x prior to 24.7, and Thunderbird prior to 24.7 on Windows allows remote malicious users to execute arbitrary code via crafted use of fonts in MathML content, leading to im...
Mozilla Firefox Esr 24.6
Mozilla Thunderbird 24.2
Mozilla Thunderbird 24.3
Mozilla Firefox Esr 24.2
Mozilla Firefox Esr 24.3
Mozilla Thunderbird 24.0
Mozilla Thunderbird 24.0.1
Mozilla Firefox Esr 24.0.1
Mozilla Firefox Esr 24.0.2
Mozilla Firefox
Mozilla Thunderbird
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.4
Mozilla Firefox Esr 24.0
Mozilla Firefox Esr 24.4
Mozilla Firefox Esr 24.5
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Firefox Esr 24.1.0
Mozilla Firefox Esr 24.1.1
8.8
CVSSv3
CVE-2016-1950
Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 da...
Mozilla Network Security Services 3.21
Mozilla Network Security Services 3.19.2
Mozilla Network Security Services 3.20
Mozilla Network Security Services 3.20.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Oracle Linux 5.0
Oracle Vm Server 3.2
Oracle Linux 7
Oracle Linux 6
NA
CVE-2015-4481
Race condition in the Mozilla Maintenance Service in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
Mozilla Firefox
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Oracle Solaris 11.3
1 EDB exploit
7.8
CVSSv3
CVE-2016-2826
The maintenance service in Mozilla Firefox prior to 47.0 and Firefox ESR 45.x prior to 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
Mozilla Firefox Esr 45.1.1
Mozilla Firefox Esr 45.1.0
Mozilla Firefox
5.5
CVSSv3
CVE-2020-15649
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability...
Mozilla Firefox Esr
4.7
CVSSv3
CVE-2020-6827
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vul...
Mozilla Firefox Esr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »