Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MozillaFirefox

108 matches found

CVE
CVEadded 2010/09/15 8:0 p.m.55 views

CVE-2010-3399

The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess the...

5.8CVSS8.7AI score0.07921EPSS
CVE
CVEadded 2010/03/25 9:0 p.m.54 views

CVE-2010-0166

The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption ...

5.1CVSS9.7AI score0.17908EPSS
CVE
CVEadded 2010/01/29 6:30 p.m.53 views

CVE-2009-4630

Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of domain names contained in links within local HTML documents, which makes it easier for remote attackers to determine the network location of the application's user by logging DNS requests. NOTE: the ve...

5CVSS6.3AI score0.00232EPSS
CVE
CVEadded 2010/12/09 8:0 p.m.52 views

CVE-2010-4508

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.

10CVSS9.2AI score0.00484EPSS
CVE
CVEadded 2010/03/25 10:30 p.m.50 views

CVE-2010-1122

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028.

10CVSS6.7AI score0.07553EPSS
CVE
CVEadded 2010/06/01 8:30 p.m.50 views

CVE-2010-2117

Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.

4.3CVSS7AI score0.0072EPSS
CVE
CVEadded 2010/05/20 5:30 p.m.46 views

CVE-2010-1990

Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in situations where an IFRAME element has a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many IFRA...

5CVSS6.6AI score0.00543EPSS
CVE
CVEadded 2010/11/12 10:0 p.m.45 views

CVE-2009-5017

Mozilla Firefox before 3.6 Beta 3 does not properly handle overlong UTF-8 encoding, which makes it easier for remote attackers to bypass cross-site scripting (XSS) protection mechanisms via a crafted string, a different vulnerability than CVE-2010-1210.

4.3CVSS8.1AI score0.00254EPSS
Total number of security vulnerabilities108