Lucene search

K
MozillaFirefox19.0

113 matches found

CVE
CVE
added 2013/10/30 10:55 a.m.60 views

CVE-2013-5591

Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unkn...

10CVSS7.7AI score0.03277EPSS
CVE
CVE
added 2013/12/11 3:55 p.m.60 views

CVE-2013-5611

Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.

5.8CVSS9AI score0.00882EPSS
CVE
CVE
added 2013/10/30 10:55 a.m.57 views

CVE-2013-5598

PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object.

8.3CVSS7.1AI score0.00781EPSS
CVE
CVE
added 2013/10/30 10:55 a.m.56 views

CVE-2013-5592

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

10CVSS8AI score0.02659EPSS
CVE
CVE
added 2014/02/06 5:44 a.m.54 views

CVE-2014-1484

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

5CVSS8.5AI score0.00632EPSS
CVE
CVE
added 2014/03/19 10:55 a.m.53 views

CVE-2014-1501

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

5.8CVSS8.9AI score0.00229EPSS
CVE
CVE
added 2014/03/19 10:55 a.m.53 views

CVE-2014-1506

Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter a...

6.4CVSS8.4AI score0.02084EPSS
CVE
CVE
added 2013/08/07 1:55 a.m.52 views

CVE-2013-1715

Multiple untrusted search path vulnerabilities in the (1) full installer and (2) stub installer in Mozilla Firefox before 23.0 on Windows allow local users to gain privileges via a Trojan horse DLL in the default downloads directory. NOTE: this issue exists because of an incomplete fix for CVE-2012...

6.9CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2013/04/03 11:56 a.m.50 views

CVE-2013-0790

Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in.

10CVSS7.9AI score0.06334EPSS
CVE
CVE
added 2014/04/30 10:49 a.m.49 views

CVE-2014-1527

Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen.

5CVSS8.8AI score0.00846EPSS
CVE
CVE
added 2013/09/18 10:8 a.m.45 views

CVE-2013-1731

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.

6.8CVSS7.3AI score0.01004EPSS
CVE
CVE
added 2013/09/18 10:8 a.m.43 views

CVE-2013-1729

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.

2.6CVSS6.3AI score0.00426EPSS
CVE
CVE
added 2013/09/18 10:8 a.m.38 views

CVE-2013-1727

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.

4CVSS5.6AI score0.0224EPSS
Total number of security vulnerabilities113