Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mozilla mozilla 1.7.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-25315
In Expat (aka libexpat) prior to 2.4.5, there is an integer overflow in storeRawNames.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) prior to 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
7.5
CVSSv2
CVE-2022-25236
xmlparse.c in Expat (aka libexpat) prior to 2.4.5 allows malicious users to insert namespace-separator characters into namespace URIs.
Libexpat Project Libexpat
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Remote Connect Server
2.6
CVSSv2
CVE-2019-7317
png_image_free in png.c in libpng 1.6.x prior to 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
Libpng Libpng
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Oracle Jdk 11.0.3
Oracle Jdk 12.0.1
Oracle Java Se 8u212
Oracle Java Se 7u221
Oracle Mysql
Oracle Hyperion Infrastructure Technology 11.2.6.0
Hpe Xp7 Command View Advanced Edition Suite
Hp Xp7 Command View
Mozilla Thunderbird -
Mozilla Firefox Esr -
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Package Hub -
Netapp Cloud Backup -
7.5
CVSSv2
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
9.3
CVSSv2
CVE-2012-3993
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox prior to 16.0, Firefox ESR 10.x prior to 10.0.8, Thunderbird prior to 16.0, Thunderbird ESR 10.x prior to 10.0.8, and SeaMonkey prior to 2.13 does not properly interact with failures of InstallTrigger methods, whic...
Mozilla Firefox Esr 10.0
Mozilla Firefox Esr 10.0.1
Mozilla Firefox Esr 10.0.2
Mozilla Firefox Esr 10.0.3
Mozilla Firefox Esr 10.0.4
Mozilla Firefox Esr 10.0.5
Mozilla Firefox Esr 10.0.6
Mozilla Firefox Esr 10.0.7
Mozilla Thunderbird Esr 10.0
Mozilla Thunderbird Esr 10.0.1
Mozilla Thunderbird Esr 10.0.2
Mozilla Thunderbird Esr 10.0.3
Mozilla Thunderbird Esr 10.0.4
Mozilla Thunderbird Esr 10.0.5
Mozilla Thunderbird Esr 10.0.6
Mozilla Thunderbird Esr 10.0.7
Mozilla Firefox 1.0
Mozilla Firefox 1.0.1
Mozilla Firefox 1.0.2
Mozilla Firefox 1.0.3
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
1 EDB exploit
10
CVSSv2
CVE-2012-3971
Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox prior to 15.0, Thunderbird prior to 15.0, and SeaMonkey prior to 2.12, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the ...
Mozilla Firefox 10.0.1
Mozilla Firefox 9.0.1
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0
Mozilla Firefox 4.0
Mozilla Firefox 13.0
Mozilla Firefox
Mozilla Firefox 12.0
Mozilla Firefox 9.0
Mozilla Firefox 8.0
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 4.0.1
Mozilla Firefox 3.6.25
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.19
Mozilla Firefox 3.6.12
Mozilla Firefox 3.5.8
Mozilla Firefox 3.0.16
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.2
6.9
CVSSv2
CVE-2012-3974
Untrusted search path vulnerability in the installer in Mozilla Firefox prior to 15.0, Firefox ESR 10.x prior to 10.0.7, Thunderbird prior to 15.0, and Thunderbird ESR 10.x prior to 10.0.7 on Windows allows local users to gain privileges via a Trojan horse executable file in a ro...
Mozilla Firefox 11.0
Mozilla Firefox 10.0.2
Mozilla Firefox 7.0
Mozilla Firefox 6.0.2
Mozilla Firefox 4.0
Mozilla Firefox 3.6.23
Mozilla Firefox 3.0
Mozilla Firefox 3.6.6
Mozilla Firefox 3.0.17
Mozilla Firefox 3.6.17
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Firefox 3.6.21
Mozilla Firefox 3.0.3
Mozilla Firefox 3.5.13
Mozilla Firefox 3.6.16
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.15
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.6
Mozilla Firefox 2.0.0.17
4.3
CVSSv2
CVE-2012-3975
The DOMParser component in Mozilla Firefox prior to 15.0, Thunderbird prior to 15.0, and SeaMonkey prior to 2.12 loads subresources during parsing of text/html data within an extension, which allows remote malicious users to obtain sensitive information by providing crafted data ...
Mozilla Firefox 12.0
Mozilla Firefox 8.0
Mozilla Firefox 8.0.1
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 3.6.24
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.18
Mozilla Firefox 3.0.16
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.14
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.20
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.12
Mozilla Firefox 3.0.12
Mozilla Firefox 3.6.15
Mozilla Firefox 3.0.13
Mozilla Firefox 3.5.3
Mozilla Firefox 13.0
Mozilla Firefox
4.3
CVSSv2
CVE-2012-1956
Mozilla Firefox prior to 15.0, Thunderbird prior to 15.0, and SeaMonkey prior to 2.12 do not prevent use of the Object.defineProperty method to shadow the location object (aka window.location), which makes it easier for remote malicious users to conduct cross-site scripting (XSS)...
Mozilla Firefox 12.0
Mozilla Firefox 11.0
Mozilla Firefox 8.0.1
Mozilla Firefox 7.0.1
Mozilla Firefox 4.0
Mozilla Firefox 4.0.1
Mozilla Firefox 3.6.3
Mozilla Firefox 3.0.5
Mozilla Firefox 3.6.8
Mozilla Firefox 3.6.18
Mozilla Firefox 3.5.2
Mozilla Firefox 3.6.17
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6.20
Mozilla Firefox 3.5.14
Mozilla Firefox 3.5.12
Mozilla Firefox 3.6.15
Mozilla Firefox 3.6.16
Mozilla Firefox 3.0.13
Mozilla Firefox 3.5.3
Mozilla Firefox 2.0.0.20
Mozilla Firefox 2.0.0.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »