Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firefox_esr vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2015-7178
The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, mishandles shader access, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory cor...
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
668
VMScore
CVE-2015-7179
The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote malicious users to execute arbitrary c...
Mozilla Firefox
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
587
VMScore
CVE-2015-4505
updater.exe in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operation by the Mozilla Maintenance Service.
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox
187
VMScore
CVE-2014-1595
Mozilla Firefox prior to 34.0, Firefox ESR 31.x prior to 31.3, and Thunderbird prior to 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp file...
Mozilla Firefox Esr 31.2
Mozilla Firefox Esr 31.1.1
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.0
Mozilla Thunderbird
Mozilla Firefox
890
VMScore
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox prior to 31.0, Firefox ESR 24.x prior to 24.7, and Thunderbird prior to 24.7 on Windows allows remote malicious users to execute arbitrary code via crafted use of fonts in MathML content, leading to im...
Mozilla Firefox Esr 24.6
Mozilla Thunderbird 24.2
Mozilla Thunderbird 24.3
Mozilla Firefox Esr 24.2
Mozilla Firefox Esr 24.3
Mozilla Thunderbird 24.0
Mozilla Thunderbird 24.0.1
Mozilla Firefox Esr 24.0.1
Mozilla Firefox Esr 24.0.2
Mozilla Firefox
Mozilla Thunderbird
Mozilla Thunderbird 24.5
Mozilla Thunderbird 24.4
Mozilla Firefox Esr 24.0
Mozilla Firefox Esr 24.4
Mozilla Firefox Esr 24.5
Mozilla Thunderbird 24.1
Mozilla Thunderbird 24.1.1
Mozilla Firefox Esr 24.1.0
Mozilla Firefox Esr 24.1.1
605
VMScore
CVE-2016-1950
Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 da...
Mozilla Network Security Services 3.21
Mozilla Network Security Services 3.19.2
Mozilla Network Security Services 3.20
Mozilla Network Security Services 3.20.1
Mozilla Firefox
Mozilla Firefox Esr 38.6.1
Mozilla Firefox Esr 38.1.1
Mozilla Firefox Esr 38.1.0
Mozilla Firefox Esr 38.2.1
Mozilla Firefox Esr 38.2.0
Mozilla Firefox Esr 38.6.0
Mozilla Firefox Esr 38.5.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.5.0
Mozilla Firefox Esr 38.4.0
Mozilla Firefox Esr 38.3.0
Mozilla Firefox Esr 38.0
Oracle Linux 5.0
Oracle Vm Server 3.2
Oracle Linux 7
Oracle Linux 6
335
VMScore
CVE-2015-4481
Race condition in the Mozilla Maintenance Service in Mozilla Firefox prior to 40.0 and Firefox ESR 38.x prior to 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
Mozilla Firefox
Mozilla Firefox Esr 38.0
Mozilla Firefox Esr 38.0.1
Mozilla Firefox Esr 38.0.5
Mozilla Firefox Esr 38.1.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Oracle Solaris 11.3
1 EDB exploit
641
VMScore
CVE-2016-2826
The maintenance service in Mozilla Firefox prior to 47.0 and Firefox ESR 45.x prior to 45.2 on Windows does not prevent MAR extracted-file modification during updater execution, which might allow local users to gain privileges via a Trojan horse file.
Mozilla Firefox Esr 45.1.1
Mozilla Firefox Esr 45.1.0
Mozilla Firefox
383
VMScore
CVE-2020-15650
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulne...
Mozilla Firefox Esr
383
VMScore
CVE-2020-6827
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. <br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vul...
Mozilla Firefox Esr
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »