Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firefox_esr vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-15649
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability...
Mozilla Firefox Esr
7.5
CVSSv3
CVE-2020-6828
A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary mali...
Mozilla Firefox Esr
NA
CVE-2013-1712
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Updater in Mozilla Firefox prior to 23.0, Firefox ESR 17.x prior to 17.0.8, Thunderbird prior to 17.0.8, and Thunderbird ESR 17.x prior to 17.0.8 on Windows 7, Windows Server 2008 R2, Windows 8, and Windows ...
Mozilla Thunderbird Esr 17.0.7
Mozilla Thunderbird Esr 17.0.6
Mozilla Firefox Esr 17.0.7
Mozilla Firefox Esr 17.0.6
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox 19.0
Mozilla Thunderbird Esr 17.0
Mozilla Thunderbird Esr 17.0.1
Mozilla Firefox Esr 17.0.2
Mozilla Firefox Esr 17.0.1
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0
Mozilla Thunderbird 17.0.1
Mozilla Firefox 19.0.1
Mozilla Firefox 19.0.2
Mozilla Thunderbird Esr 17.0.2
Mozilla Thunderbird Esr 17.0.3
Mozilla Firefox Esr 17.0
Mozilla Firefox Esr 17.0.3
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird 17.0.4
NA
CVE-2013-1672
The Mozilla Maintenance Service in Mozilla Firefox prior to 21.0, Firefox ESR 17.x prior to 17.0.6, Thunderbird prior to 17.0.6, and Thunderbird ESR 17.x prior to 17.0.6 on Windows allows local users to bypass integrity verification and gain privileges via vectors involving junct...
Mozilla Firefox 20.0
Mozilla Firefox 19.0
Mozilla Firefox 19.0.1
Mozilla Firefox 19.0.2
Mozilla Firefox
Mozilla Firefox Esr 17.0.3
Mozilla Firefox Esr 17.0.2
Mozilla Firefox Esr 17.0.4
Mozilla Firefox Esr 17.0
Mozilla Firefox Esr 17.0.1
Mozilla Firefox Esr 17.0.5
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird
Mozilla Thunderbird 17.0.4
Mozilla Thunderbird 17.0
Mozilla Thunderbird Esr 17.0.4
Mozilla Thunderbird Esr 17.0.3
Mozilla Thunderbird Esr 17.0.1
Mozilla Thunderbird Esr
Mozilla Thunderbird Esr 17.0.2
NA
CVE-2013-0799
Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox prior to 20.0, Firefox ESR 17.x prior to 17.0.5, Thunderbird prior to 17.0.5, and Thunderbird ESR 17.x prior to 17.0.5 on Windows allows local users to gain privileges via crafted arguments.
Mozilla Firefox 19.0
Mozilla Firefox 19.0.1
Mozilla Firefox
Mozilla Firefox Esr 17.0
Mozilla Firefox Esr 17.0.1
Mozilla Firefox Esr 17.0.2
Mozilla Firefox Esr 17.0.3
Mozilla Firefox Esr 17.0.4
Mozilla Thunderbird 17.0.4
Mozilla Thunderbird 17.0
Mozilla Thunderbird 17.0.1
Mozilla Thunderbird 17.0.2
Mozilla Thunderbird 17.0.3
Mozilla Thunderbird Esr 17.0.3
Mozilla Thunderbird Esr 17.0.4
Mozilla Thunderbird Esr 17.0
Mozilla Thunderbird Esr 17.0.2
Mozilla Thunderbird Esr 17.0.1
8.8
CVSSv3
CVE-2016-2824
The TSymbolTableLevel class in ANGLE, as used in Mozilla Firefox prior to 47.0 and Firefox ESR 45.x prior to 45.2 on Windows, allows remote malicious users to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact by trigge...
Mozilla Firefox Esr 45.1.0
Mozilla Firefox Esr 45.1.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
5.3
CVSSv3
CVE-2018-12381
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only affects Windows operating systems with Outlook installed. Other operating syst...
Mozilla Firefox Esr
Mozilla Firefox
8.8
CVSSv3
CVE-2020-6799
Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application...
Mozilla Firefox
Mozilla Firefox Esr
5.5
CVSSv3
CVE-2017-5409
The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only a...
Mozilla Firefox
Mozilla Firefox Esr
7
CVSSv3
CVE-2019-11736
The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race c...
Mozilla Firefox
Mozilla Firefox Esr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »