Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gareth heyes vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4066
Mozilla Firefox 2.0.0.14, and other versions prior to 2.0.0.17, allows remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a &qu...
Mozilla Firefox 2.0.0.14
Mozilla Firefox 2.0.0.15
Mozilla Firefox 2.0.0.16
NA
CVE-2008-5023
Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
Mozilla Firefox
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
NA
CVE-2008-5018
The JavaScript engine in Mozilla Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, Thunderbird 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 allows remote malicious users to cause a denial of service (crash) via vectors related to "insufficient class chec...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
NA
CVE-2008-4065
Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allow remote malicious users to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are rem...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
NA
CVE-2008-4067
Directory traversal vulnerability in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 on Linux allows remote malicious users to read arbitrary files via a .. (dot dot) and URL-encoded / (slash) characters in a ...
Mozilla Firefox
Mozilla Thunderbird
Mozilla Seamonkey
Debian Debian Linux 4.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
NA
CVE-2008-4068
Directory traversal vulnerability in Mozilla Firefox prior to 2.0.0.17 and 3.x prior to 3.0.2, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to bypass "restrictions imposed on local HTML files," and obtain sensitive informati...
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.10
NA
CVE-2008-4069
The XBM decoder in Mozilla Firefox prior to 2.0.0.17 and SeaMonkey prior to 1.1.12 allows remote malicious users to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file.
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.1
Mozilla Seamonkey
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.0.99
Mozilla Firefox 0.9
Mozilla Firefox 0.9 Rc
Mozilla Firefox 0.10
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
NA
CVE-2008-0016
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox prior to 2.0.0.17 and SeaMonkey prior to 1.1.12 allows remote malicious users to execute arbitrary code via a crafted UTF-8 URL in a link.
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.2
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5.0.7
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.13
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.0.99
Mozilla Seamonkey
Mozilla Firefox 0.9 Rc
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 1.5.0.12
Mozilla Firefox 1.5.0.1
1 EDB exploit
NA
CVE-2008-3835
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox prior to 2.0.0.17, Thunderbird prior to 2.0.0.17, and SeaMonkey prior to 1.1.12 allows remote malicious users to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors.
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0
Mozilla Firefox 1.0.3
Mozilla Firefox 1.5.0.4
Mozilla Firefox 1.5.0.5
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.7
Mozilla Firefox 1.5.0.8
Mozilla Firefox 1.5.0.9
Mozilla Firefox 1.5
Mozilla Firefox 2.0.0.10
Mozilla Firefox 2.0.0.13
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.7
Mozilla Seamonkey 1.0.2
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey
Mozilla Thunderbird 2.0.0.1
Mozilla Firefox 0.8
Mozilla Firefox 0.10.1
NA
CVE-2008-3836
feedWriter in Mozilla Firefox prior to 2.0.0.17 allows remote malicious users to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI funct...
Mozilla Firefox 0.9 Rc
Mozilla Firefox 0.8
Mozilla Firefox 2.0.0.12
Mozilla Firefox 1.5
Mozilla Firefox 1.5.2
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.8
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.3
Mozilla Firefox 1.5.0.11
Mozilla Firefox
Mozilla Firefox 1.5.4
Mozilla Firefox 1.0.2
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.7
Mozilla Firefox 0.10.1
Mozilla Firefox 0.9
Mozilla Firefox 1.5.6
Mozilla Firefox 2.0.0.15
Mozilla Firefox 1.0
Mozilla Firefox 1.5.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »