Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 16.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4192
Mozilla Firefox 16.0, Thunderbird 16.0, and SeaMonkey 2.13 allow remote malicious users to bypass the Same Origin Policy and read the properties of a Location object via a crafted web site, a related issue to CVE-2012-4193.
Mozilla Firefox 16.0
Mozilla Thunderbird 16.0
Mozilla Seamonkey 2.13
NA
CVE-2012-3987
Mozilla Firefox prior to 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote malicious users to bypass intended access restrictions via a crafted web site.
Mozilla Firefox 14.0
Mozilla Firefox 13.0
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 6.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.6.25
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.8
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.11
Mozilla Firefox 3.0.11
Mozilla Firefox 3.6.9
Mozilla Firefox 3.0.10
NA
CVE-2012-4203
The New Tab page in Mozilla Firefox prior to 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote malicious users to run arbitrary programs by leveraging a javascript: URL in a bookmark.
Mozilla Firefox
Mozilla Firefox 16.0.1
Mozilla Firefox 13.0.1
Mozilla Firefox 12.0
Mozilla Firefox 9.0
Mozilla Firefox 8.0.1
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.23
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.14
Mozilla Firefox 3.0.10
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.9
NA
CVE-2012-5837
The Web Developer Toolbar in Mozilla Firefox prior to 17.0 executes script with chrome privileges, which allows user-assisted remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted string.
Mozilla Firefox 14.0.1
Mozilla Firefox 14.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox
Mozilla Firefox 13.0
Mozilla Firefox 13.0.1
Mozilla Firefox 12.0
Mozilla Firefox 9.0
Mozilla Firefox 8.0.1
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.23
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.7
NA
CVE-2013-0790
Unspecified vulnerability in the browser engine in Mozilla Firefox prior to 20.0 on Android allows remote malicious users to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in.
Mozilla Firefox 18.0
Mozilla Firefox 18.0.1
Mozilla Firefox 15.0.1
Mozilla Firefox 14.0.1
Mozilla Firefox 10.0.2
Mozilla Firefox 10.0
Mozilla Firefox 7.0
Mozilla Firefox 6.0
Mozilla Firefox 6.0.2
Mozilla Firefox 4.0
Mozilla Firefox 3.6.21
Mozilla Firefox 18.0.2
Mozilla Firefox 17.0.1
Mozilla Firefox 17.0
Mozilla Firefox 14.0
Mozilla Firefox 13.0
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 5.0
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.2
NA
CVE-2012-4206
Untrusted search path vulnerability in the installer in Mozilla Firefox prior to 17.0 and Firefox ESR 10.x prior to 10.0.11 on Windows allows local users to gain privileges via a Trojan horse DLL in the default downloads directory.
Mozilla Firefox 16.0
Mozilla Firefox 16.0.1
Mozilla Firefox 15.0
Mozilla Firefox 12.0
Mozilla Firefox 11.0
Mozilla Firefox 8.0
Mozilla Firefox 7.0.1
Mozilla Firefox 4.0
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.1
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6
Mozilla Firefox 3.6.11
Mozilla Firefox 3.5.14
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
NA
CVE-2015-0819
The UITour::onPageEvent function in Mozilla Firefox prior to 36.0 does not ensure that an API call originates from a foreground tab, which allows remote malicious users to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site.
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.10
Mozilla Firefox 3.6
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 24.1.1
Mozilla Firefox 24.1
Mozilla Firefox 20.0
NA
CVE-2015-0820
Mozilla Firefox prior to 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote malicious users to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mech...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.18
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0
Mozilla Firefox 29.0.1
Mozilla Firefox 25.0
Mozilla Firefox 24.1.1
NA
CVE-2015-0821
Mozilla Firefox prior to 36.0 allows user-assisted remote malicious users to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.20
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 27.0
Mozilla Firefox 26.0
Mozilla Firefox 23.0
Mozilla Firefox 22.0
NA
CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox prior to 36.0 allows remote malicious users to cause a denial of service (out-of-bounds write of zero values, and application crash) via vectors that trigger use of DrawTarget and the Cairo l...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 32.0
Mozilla Firefox 31.1.0
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.22
Mozilla Firefox 3.6.21
Mozilla Firefox 3.6.14
Mozilla Firefox 3.6.13
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.17
Mozilla Firefox 3.5.16
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »