Skip to main content
CVE-2013-0758 CRITICAL POC THREAT Emergency

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 87.4%.

Code Injection Mozilla Google RCE Firefox +14
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
87.4%
Threat
6.0
CVE-2013-0753 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 84.0%.

RCE Mozilla Memory Corruption Use After Free Firefox +13
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
84.0%
Threat
5.9
CVE-2013-0156 HIGH POC PATCH THREAT Act Now

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 91.9%.

Denial Of Service RCE Rails Ruby On Rails Debian Linux
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
91.9%
Threat
5.8
CVE-2013-0757 CRITICAL POC THREAT Emergency

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 74.6%.

Mozilla Google RCE Firefox Seamonkey +8
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
74.6%
Threat
5.6
CVE-2013-0768 CRITICAL POC Act Now

Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Mozilla Memory Corruption RCE Firefox +12
NVD
CVSS 2.0
9.3
EPSS
4.8%
CVE-2013-0752 CRITICAL POC Act Now

Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
9.3
EPSS
2.8%
CVE-2013-0755 CRITICAL POC Act Now

Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Mozilla Memory Corruption Use After Free Firefox +8
NVD
CVSS 2.0
9.3
EPSS
2.7%
CVE-2013-0749 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2013-0769 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +13
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2013-0770 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
9.3
EPSS
0.9%
CVE-2013-0744 CRITICAL PATCH Act Now

Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.4%.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
9.3
EPSS
13.4%
CVE-2013-0747 MEDIUM POC This Month

The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Firefox Seamonkey Thunderbird +6
NVD
CVSS 2.0
6.8
EPSS
2.3%
CVE-2013-0767 CRITICAL PATCH Act Now

The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Mozilla Denial Of Service Buffer Overflow Information Disclosure RCE +14
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2013-0750 CRITICAL PATCH Act Now

Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Buffer Overflow RCE Mozilla Integer Overflow Firefox +13
NVD
CVSS 2.0
9.3
EPSS
3.8%
CVE-2013-0155 MEDIUM PATCH This Month

Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.2%.

Privilege Escalation Rails Ruby On Rails Debian Linux
NVD
CVSS 2.0
6.4
EPSS
18.2%
CVE-2013-0745 CRITICAL PATCH Act Now

The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Mozilla RCE Firefox Seamonkey +7
NVD
CVSS 2.0
9.3
EPSS
3.2%
CVE-2013-0771 CRITICAL PATCH Act Now

Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Mozilla Memory Corruption RCE Firefox +8
NVD
CVSS 2.0
9.3
EPSS
3.2%
CVE-2013-0760 CRITICAL PATCH Act Now

Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Mozilla RCE Firefox Seamonkey +7
NVD
CVSS 2.0
9.3
EPSS
3.2%
CVE-2013-0766 CRITICAL PATCH Act Now

Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
9.3
EPSS
2.9%
CVE-2013-0754 CRITICAL PATCH Act Now

Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

RCE Mozilla Memory Corruption Use After Free Firefox +13
NVD
CVSS 2.0
9.3
EPSS
2.8%
CVE-2013-0762 CRITICAL Act Now

Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
9.3
EPSS
2.7%
CVE-2013-0746 CRITICAL PATCH Act Now

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Denial Of Service Mozilla RCE Firefox Seamonkey +12
NVD
CVSS 2.0
9.3
EPSS
2.6%
CVE-2013-0761 CRITICAL Act Now

Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +10
NVD
CVSS 2.0
9.3
EPSS
1.7%
CVE-2013-0764 CRITICAL PATCH Act Now

The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Mozilla RCE Firefox Seamonkey Thunderbird +6
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2013-0756 CRITICAL Act Now

Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Mozilla Memory Corruption Use After Free Firefox +8
NVD
CVSS 2.0
9.3
EPSS
1.4%
CVE-2013-0763 CRITICAL Act Now

Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2013-0759 MEDIUM POC This Month

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mozilla Authentication Bypass Firefox Seamonkey Thunderbird +11
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2013-0748 MEDIUM POC This Month

The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Information Disclosure Firefox Seamonkey Thunderbird +11
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0751 MEDIUM This Month

Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Mozilla Google XSS Firefox +1
NVD
CVSS 2.0
5.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy