Skip to main content
CVE-2013-3893 HIGH POC KEV THREAT Act Now

Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation that allows remote code execution through crafted JavaScript, exploited in targeted attacks via ms-help: URL protocol.

Microsoft RCE
NVD Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
81.2%
Threat
9.2
CVE-2013-1732 CRITICAL Emergency

Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.2% and no vendor patch available.

Buffer Overflow Mozilla RCE Firefox Seamonkey +2
NVD
CVSS 2.0
9.3
EPSS
33.2%
CVE-2013-1736 CRITICAL Act Now

The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Seamonkey +3
NVD
CVSS 2.0
10.0
EPSS
3.7%
CVE-2013-1719 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Thunderbird +2
NVD
CVSS 2.0
10.0
EPSS
3.3%
CVE-2013-1718 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Thunderbird Esr +3
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2013-1738 CRITICAL Act Now

Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla RCE Seamonkey Thunderbird Firefox
NVD
CVSS 2.0
9.3
EPSS
4.6%
CVE-2013-1735 CRITICAL Act Now

Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla RCE Firefox Thunderbird Esr Seamonkey +1
NVD
CVSS 2.0
9.3
EPSS
4.5%
CVE-2013-1724 CRITICAL Act Now

Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Seamonkey +2
NVD
CVSS 2.0
9.3
EPSS
4.3%
CVE-2013-1722 CRITICAL Act Now

Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Thunderbird +3
NVD
CVSS 2.0
9.3
EPSS
3.9%
CVE-2013-1721 CRITICAL Act Now

Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Mozilla RCE Seamonkey Firefox
NVD
CVSS 2.0
9.3
EPSS
0.9%
CVE-2013-1727 MEDIUM POC This Month

Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Google XSS Firefox
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
2.2%
CVE-2013-1725 MEDIUM This Month

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Mozilla RCE Firefox Thunderbird Esr +2
NVD
CVSS 2.0
6.8
EPSS
2.9%
CVE-2013-1720 MEDIUM This Month

The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +2
NVD
CVSS 2.0
6.8
EPSS
2.7%
CVE-2013-1731 MEDIUM This Month

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Google RCE Firefox
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2013-1730 MEDIUM This Month

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Thunderbird +3
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2013-1726 MEDIUM This Month

Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access. Rated medium severity (CVSS 6.2). No vendor patch available.

Privilege Escalation Mozilla Thunderbird Esr Thunderbird Firefox +1
NVD
CVSS 2.0
6.2
EPSS
0.1%
CVE-2013-1737 MEDIUM This Month

Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Mozilla Thunderbird Esr Seamonkey Firefox +1
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-1723 MEDIUM This Month

The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla Thunderbird Firefox +1
NVD
CVSS 2.0
4.3
EPSS
1.8%
CVE-2013-1728 MEDIUM This Month

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Mozilla Seamonkey Thunderbird Firefox
NVD
CVSS 2.0
4.3
EPSS
1.1%
CVE-2013-1729 LOW Monitor

The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Nvidia Firefox
NVD
CVSS 2.0
2.6
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy