Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla firefox 31.1.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-1585
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox prior to 33.0, Firefox ESR 31.x prior to 31.2, and Thunderbird 31.x prior to 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows remote malicious users ...
Mozilla Thunderbird 31.1.0
Mozilla Thunderbird 31.0
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.0
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox
5
CVSSv2
CVE-2014-1586
content/base/src/nsDocument.cpp in Mozilla Firefox prior to 33.0, Firefox ESR 31.x prior to 31.2, and Thunderbird 31.x prior to 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote malicious users to obtain sensitive information from the local cam...
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox
Mozilla Thunderbird 31.0
Mozilla Thunderbird 31.1.0
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.0
5
CVSSv2
CVE-2014-1580
Mozilla Firefox prior to 33.0 does not properly initialize memory for GIF images, which allows remote malicious users to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS...
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox
Mozilla Firefox 31.1.0
4.3
CVSSv2
CVE-2014-1584
The Public Key Pinning (PKP) implementation in Mozilla Firefox prior to 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote malicious users to bypass an intended pinning configuration and spoof a web site via a crafted certifi...
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
Mozilla Firefox
7.5
CVSSv2
CVE-2014-1575
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 33.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper interaction between t...
Mozilla Firefox
Mozilla Firefox 30.0
Mozilla Firefox 31.1.0
Mozilla Firefox 31.0
4.3
CVSSv2
CVE-2014-1582
The Public Key Pinning (PKP) implementation in Mozilla Firefox prior to 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle malicious users to bypass an intended pinning configura...
Mozilla Firefox 31.0
Mozilla Firefox 30.0
Mozilla Firefox
Mozilla Firefox 31.1.0
2.1
CVSSv2
CVE-2014-1595
Mozilla Firefox prior to 34.0, Firefox ESR 31.x prior to 31.3, and Thunderbird prior to 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp file...
Mozilla Firefox Esr 31.2
Mozilla Firefox Esr 31.1.1
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.0
Mozilla Thunderbird
Mozilla Firefox
7.5
CVSSv2
CVE-2015-2708
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 38.0, Firefox ESR 31.x prior to 31.7, and Thunderbird prior to 31.7 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbit...
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Desktop 12.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Novell Suse Linux Enterprise Software Development Kit 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr 31.1
Mozilla Firefox Esr 31.3.0
Mozilla Firefox Esr 31.1.1
Mozilla Firefox Esr 31.5
Mozilla Firefox Esr 31.6.0
Mozilla Firefox Esr 31.3
Mozilla Firefox Esr 31.5.3
Mozilla Firefox Esr 31.5.1
Mozilla Firefox Esr 31.1.0
Mozilla Firefox Esr 31.2
Mozilla Firefox Esr 31.4
Mozilla Firefox Esr 31.0
Mozilla Firefox Esr 31.5.2
5
CVSSv2
CVE-2015-0832
Mozilla Firefox prior to 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle malicious users to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and ...
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Mozilla Firefox 30.0
Mozilla Firefox 3.6.9
Mozilla Firefox 3.6.27
Mozilla Firefox 3.6.26
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.11
Mozilla Firefox 3.6.10
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.13
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.1
4.3
CVSSv2
CVE-2015-0834
The WebRTC subsystem in Mozilla Firefox prior to 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle malicious users to discover credentials by spoofing a server and completing a brute-force at...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Mozilla Firefox
Mozilla Firefox 34.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.7
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.19
Mozilla Firefox 3.5.11
Mozilla Firefox 3.5.10
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.15
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »