Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla bugzilla 3.4 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2009-3125
SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 up to and including 3.4.1, and 3.5, allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4.1
445
VMScore
CVE-2009-3166
token.cgi in Bugzilla 3.4rc1 up to and including 3.4.1 places a password in a URL at the beginning of a login session that occurs immediately after a password reset, which allows context-dependent malicious users to discover passwords by reading (1) web-server access logs, (2) we...
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.1
445
VMScore
CVE-2009-3386
Template.pm in Bugzilla 3.3.2 up to and including 3.4.3 and 3.5 up to and including 3.5.1 allows remote malicious users to discover the alias of a private bug by reading the (1) Depends On or (2) Blocks field of a related bug.
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.5
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.4.3
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.5.1
445
VMScore
CVE-2009-3387
Bugzilla 3.3.1 up to and including 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote malicious users to obtain sensitive information via a request for a bug in oppo...
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.4
Mozilla Bugzilla 3.3.2
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.5.1
Mozilla Bugzilla 3.5.2
668
VMScore
CVE-2009-3165
SQL injection vulnerability in the Bug.create WebService function in Bugzilla 2.23.4 up to and including 3.0.8, 3.1.1 up to and including 3.2.4, and 3.3.1 up to and including 3.4.1 allows remote malicious users to execute arbitrary SQL commands via unspecified parameters.
Mozilla Bugzilla 3.0
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.0.8
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.1.2
Mozilla Bugzilla 3.3.4
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.2
Mozilla Bugzilla 3.1.3
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 2.23.4
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.0.1
445
VMScore
CVE-2010-1204
Search.pm in Bugzilla 2.17.1 up to and including 3.2.6, 3.3.1 up to and including 3.4.6, 3.5.1 up to and including 3.6, and 3.7 allows remote malicious users to obtain potentially sensitive time-tracking information via a crafted search URL, related to a "boolean chart searc...
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 3.0.1
Mozilla Bugzilla 3.0.3
Mozilla Bugzilla 3.0.8
Mozilla Bugzilla 3.0.10
Mozilla Bugzilla 3.1.1
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.2.3
Mozilla Bugzilla 3.4
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.5.3
Mozilla Bugzilla 3.7
Mozilla Bugzilla 3.0.4
Mozilla Bugzilla 3.0.5
Mozilla Bugzilla 3.0.6
Mozilla Bugzilla 3.0.7
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.3.1
Mozilla Bugzilla 3.3.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.17.5
383
VMScore
CVE-2011-2976
Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, and 3.4.x prior to 3.4.12 allows remote malicious users to inject arbitrary web script or HTML via vectors involving a BUGLIST cookie.
Mozilla Bugzilla 2.16.10
Mozilla Bugzilla 2.16.3
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 2.19
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.1
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.16.8
Mozilla Bugzilla 2.16.9
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.20.2
383
VMScore
CVE-2011-2381
CRLF injection vulnerability in Bugzilla 2.17.1 up to and including 2.22.7, 3.0.x up to and including 3.3.x, 3.4.x prior to 3.4.12, 3.5.x, 3.6.x prior to 3.6.6, 3.7.x, 4.0.x prior to 4.0.2, and 4.1.x prior to 4.1.3 allows remote malicious users to inject arbitrary e-mail headers ...
Mozilla Bugzilla 2.17.7
Mozilla Bugzilla 2.18.4
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.19.1
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.20.6
Mozilla Bugzilla 2.22.2
Mozilla Bugzilla 2.22.1
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.17.5
Mozilla Bugzilla 2.17.6
Mozilla Bugzilla 2.17.1
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.20.4
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22.5
Mozilla Bugzilla 2.22.4
Mozilla Bugzilla 2.17.3
Mozilla Bugzilla 2.17.4
Mozilla Bugzilla 2.18.5
383
VMScore
CVE-2010-4567
Bugzilla prior to 3.2.10, 3.4.x prior to 3.4.10, 3.6.x prior to 3.6.4, and 4.0.x prior to 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via the URL (aka bu...
Mozilla Bugzilla 3.2.7
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.4.7
Mozilla Bugzilla 3.4.1
Mozilla Bugzilla 2.20.7
Mozilla Bugzilla 2.22.7
Mozilla Bugzilla 2.18.5
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.21.2
Mozilla Bugzilla 2.22
Mozilla Bugzilla 2.6
Mozilla Bugzilla 2.4
Mozilla Bugzilla 2.18.6
Mozilla Bugzilla 2.16.4
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.14.5
Mozilla Bugzilla 2.16.1
Mozilla Bugzilla 2.18
Mozilla Bugzilla 2.18.1
Mozilla Bugzilla 3.2.4
Mozilla Bugzilla 3.4.2
Mozilla Bugzilla 3.4.3
383
VMScore
CVE-2010-4572
CRLF injection vulnerability in chart.cgi in Bugzilla prior to 3.2.10, 3.4.x prior to 3.4.10, 3.6.x prior to 3.6.4, and 4.0.x prior to 4.0rc2 allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the query string, a differe...
Mozilla Bugzilla 3.2.5
Mozilla Bugzilla 3.2.1
Mozilla Bugzilla 3.2.6
Mozilla Bugzilla 3.4.8
Mozilla Bugzilla 3.6.1
Mozilla Bugzilla 2.16
Mozilla Bugzilla 2.2
Mozilla Bugzilla 2.20
Mozilla Bugzilla 2.19.2
Mozilla Bugzilla 2.19.3
Mozilla Bugzilla 2.21
Mozilla Bugzilla 2.21.1
Mozilla Bugzilla 2.23.3
Mozilla Bugzilla 2.23.2
Mozilla Bugzilla 2.16.7
Mozilla Bugzilla 2.16.6
Mozilla Bugzilla 2.16.11
Mozilla Bugzilla 2.14.2
Mozilla Bugzilla 2.18.2
Mozilla Bugzilla 2.18.3
Mozilla Bugzilla 3.2
Mozilla Bugzilla 3.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »