Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 3.7 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-1028
Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in Mozilla Firefox 3.6 prior to 3.6.2 and 3.7 prior to 3.7 alpha 3 allows remote malicious users to execute arbitrary code via a crafted WOFF file that triggers a buffer overflow, as d...
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6
Mozilla Firefox 3.7
4.3
CVSSv2
CVE-2009-3010
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and previous versions do not properly block data: URIs in Refresh headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS...
Mozilla Seamonkey 1.1.17
Mozilla Firefox 3.5
Mozilla Firefox
Mozilla Mozilla
Mozilla Firefox 3.7
Mozilla Firefox 3.6
4.3
CVSSv2
CVE-2009-3012
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre does not properly block data: URIs in Location headers in HTTP responses, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Locatio...
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5
Mozilla Firefox 3.7
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.5
Mozilla Firefox
Mozilla Firefox 3.6
4.3
CVSSv2
CVE-2009-3014
Mozilla Firefox 3.0.13 and previous versions, 3.5, 3.6 a1 pre, and 3.7 a1 pre; SeaMonkey 1.1.17; and Mozilla 1.7.x and previous versions do not properly handle javascript: URIs in HTML links within 302 error documents sent from web servers, which allows user-assisted remote malic...
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.9
Mozilla Mozilla 0.9.48
Mozilla Mozilla 0.9.35
Mozilla Mozilla 1.0
Mozilla Mozilla 0.9.8
Mozilla Mozilla 1.2
Mozilla Mozilla 1.3
Mozilla Mozilla 1.4
Mozilla Mozilla 1.5
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.6
Mozilla Firefox 3.7
Mozilla Mozilla 0.8
Mozilla Mozilla 0.9.2.1
Mozilla Mozilla 0.9.7
Mozilla Mozilla 0.9.9
Mozilla Mozilla 1.1
Mozilla Mozilla 1.5.1
5
CVSSv2
CVE-2019-11719
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox &l...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
1.9
CVSSv2
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
5
CVSSv2
CVE-2020-6829
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been com...
Mozilla Firefox
1.2
CVSSv2
CVE-2020-12400
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
Mozilla Firefox
6.8
CVSSv2
CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
Mozilla Firefox
5
CVSSv2
CVE-2012-0441
The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) prior to 3.13.4, as used in Firefox 4.x up to and including 12.0, Firefox ESR 10.x prior to 10.0.5, Thunderbird 5.0 up to and including 12.0, Thunderbird ESR 10.x prior to 10.0.5, and SeaMonkey p...
Mozilla Firefox 4.0
Mozilla Firefox 5.0
Mozilla Firefox 5.0.1
Mozilla Firefox 8.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 7.0.1
Mozilla Thunderbird 10.0.1
Mozilla Thunderbird 10.0
Mozilla Thunderbird 10.0.4
Mozilla Thunderbird Esr 10.0.4
Mozilla Seamonkey
Mozilla Seamonkey 2.8
Mozilla Seamonkey 2.7
Mozilla Seamonkey 2.6.1
Mozilla Seamonkey 2.5
Mozilla Seamonkey 2.4
Mozilla Seamonkey 2.3
Mozilla Firefox 7.0
Mozilla Firefox 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »