Software
Mozilla FirefoxA malicious website could have included an iframe with an malformed URI resulting in a non-exploitab…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/thunderbirdThe error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses…
MFSA2023-07Security Vulnerabilities fixed in Thunderbird 102.8
Mozilla FirefoxLogins saved by Firefox should be managed by the Password Manager component which uses encryption to…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MFSA2021-40Security Vulnerabilities fixed in Firefox ESR 91.1
MFSA2021-41Security Vulnerabilities fixed in Thunderbird 91.1
MFSA2021-22Security Vulnerabilities fixed in Thunderbird 78.10.2
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ubuntu/firefoxA logic flaw in our location bar implementation could have allowed a local attacker to spoof the cur…
Mozilla FirefoxThe existence of a specifically requested local file can be found due to the double firing of the on…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mozilla FirefoxMozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relat…
Mozilla Firefox OSThe COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content fr…
Mozilla Firefox OSMozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protecti…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mozilla FirefoxMozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android lo…
Mozilla FirefoxMozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-…
Mozilla Firefox ESRMozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Google ChromeThe SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can …
Debian Debian LinuxThe TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products,…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mozilla SeaMonkeyMozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not prop…
Mozilla SeaMonkeyMozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions …
Mozilla ThunderbirdMozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do…
Mozilla BugzillaBugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not d…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Spice-xpiSpice-xpi uses predictable name for usbrdrctl log file which a malicious user could use to overwrite…
Redhat Spice-xpiThe SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files vi…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mozilla SeaMonkeyThe nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.…
Mozilla BugzillaInstall/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-…
Mozilla BugzillaInstall/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enab…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.