Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MozillaFirefox

108 matches found

CVE
CVEadded 2010/01/29 6:30 p.m.51 views

CVE-2009-4630

Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the ve...

5CVSS6.3AI score0.00232EPSS
CVE
CVEadded 2010/12/09 8:0 p.m.50 views

CVE-2010-4508

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.

10CVSS9.2AI score0.00484EPSS
CVE
CVEadded 2010/03/25 9:0 p.m.49 views

CVE-2010-0165

The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via vectors involving certain indirect c...

9.3CVSS9.5AI score0.03502EPSS
CVE
CVEadded 2010/03/25 10:30 p.m.48 views

CVE-2010-1122

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028.

10CVSS6.7AI score0.07553EPSS
CVE
CVEadded 2010/06/01 8:30 p.m.48 views

CVE-2010-2117

Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.

4.3CVSS7AI score0.0072EPSS
CVE
CVEadded 2010/03/25 9:0 p.m.47 views

CVE-2010-0172

toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization...

4.3CVSS9.2AI score0.00535EPSS
CVE
CVEadded 2010/05/20 5:30 p.m.45 views

CVE-2010-1990

Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRA...

5CVSS6.6AI score0.00543EPSS
CVE
CVEadded 2010/11/12 10:0 p.m.41 views

CVE-2009-5017

Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210.

4.3CVSS8.1AI score0.00254EPSS
Total number of security vulnerabilities108