Skip to main content

Linux Enterprise Software Development Kit

236 CVEs product

Monthly

CVE-2013-0746 CRITICAL PATCH Act Now

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Denial Of Service Mozilla RCE Firefox Seamonkey +12
NVD
CVSS 2.0
9.3
EPSS
2.6%
CVE-2013-0745 CRITICAL PATCH Act Now

The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Mozilla RCE Firefox Seamonkey +7
NVD
CVSS 2.0
9.3
EPSS
3.2%
CVE-2013-0744 CRITICAL PATCH Act Now

Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.4%.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
9.3
EPSS
13.4%
CVE-2012-5612 MEDIUM POC THREAT This Month

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 66.8%.

Denial Of Service Buffer Overflow Oracle Memory Corruption RCE +6
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
66.8%
Threat
4.8
CVE-2012-3515 HIGH This Week

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qemu Xen Opensuse Linux Enterprise Desktop +9
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2012-5843 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2012-5842 CRITICAL PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +13
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2012-5841 MEDIUM PATCH This Month

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Mozilla XSS Firefox Seamonkey Thunderbird +10
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2012-5840 CRITICAL POC Act Now

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +14
NVD
CVSS 2.0
9.3
EPSS
2.3%
CVE-2012-5839 CRITICAL PATCH Act Now

Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Mozilla Memory Corruption RCE Firefox +12
NVD
CVSS 2.0
9.3
EPSS
2.8%
CVE-2012-5838 CRITICAL POC Act Now

The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
9.3
EPSS
1.0%
CVE-2012-5836 HIGH This Week

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Mozilla Denial Of Service RCE Firefox +7
NVD
CVSS 2.0
7.5
EPSS
1.4%
CVE-2012-5835 CRITICAL POC Act Now

Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mozilla Denial Of Service Integer Overflow Firefox +12
NVD
CVSS 2.0
10.0
EPSS
0.9%
CVE-2012-5833 CRITICAL PATCH Act Now

The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +12
NVD
CVSS 2.0
9.3
EPSS
1.4%
CVE-2012-5829 CRITICAL POC Act Now

Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Mozilla Memory Corruption RCE Firefox +13
NVD
CVSS 2.0
9.3
EPSS
4.6%
CVE-2012-4218 CRITICAL Act Now

Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +9
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2012-4217 CRITICAL POC Act Now

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +10
NVD
CVSS 2.0
9.3
EPSS
2.1%
CVE-2012-4216 CRITICAL POC Act Now

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
9.3
EPSS
4.1%
CVE-2012-4215 CRITICAL POC Act Now

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +14
NVD
CVSS 2.0
9.3
EPSS
2.3%
CVE-2012-4214 CRITICAL POC Act Now

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +14
NVD
CVSS 2.0
9.3
EPSS
2.3%
CVE-2012-4213 CRITICAL POC Act Now

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +10
NVD
CVSS 2.0
9.3
EPSS
2.1%
CVE-2012-4212 CRITICAL Act Now

Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +9
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2012-4209 MEDIUM PATCH This Month

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Mozilla XSS Firefox Seamonkey Thunderbird +10
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2012-4208 MEDIUM PATCH This Month

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Mozilla Information Disclosure Google Firefox Seamonkey +7
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-4207 MEDIUM POC This Month

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Firefox Seamonkey Thunderbird +11
NVD
CVSS 2.0
4.3
EPSS
1.3%
CVE-2012-4205 MEDIUM This Month

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Mozilla Firefox Seamonkey Thunderbird +5
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2012-4204 CRITICAL POC Act Now

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +7
NVD
CVSS 2.0
9.3
EPSS
2.3%
CVE-2012-4202 CRITICAL PATCH Act Now

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Mozilla Memory Corruption RCE Firefox +12
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2012-4201 MEDIUM POC This Month

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Firefox Seamonkey Thunderbird +11
NVD
CVSS 2.0
4.3
EPSS
2.0%
CVE-2012-4196 MEDIUM POC This Month

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mozilla Authentication Bypass Firefox Seamonkey Thunderbird +10
NVD
CVSS 2.0
6.4
EPSS
1.0%
CVE-2012-4195 MEDIUM This Month

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla XSS Firefox Seamonkey Thunderbird +10
NVD
CVSS 2.0
4.3
EPSS
1.0%
CVE-2012-4194 MEDIUM POC This Month

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Firefox Seamonkey Thunderbird +10
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2012-4193 MEDIUM POC This Month

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla RCE Firefox Seamonkey Thunderbird +9
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2012-3976 MEDIUM This Month

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Firefox Seamonkey Opensuse +9
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2012-3972 MEDIUM This Month

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Seamonkey Thunderbird +12
NVD
CVSS 2.0
5.0
EPSS
4.5%
CVE-2012-3968 CRITICAL Act Now

Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Mozilla Memory Corruption Use After Free Firefox +13
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2012-3967 CRITICAL POC Act Now

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Denial Of Service Buffer Overflow Memory Corruption RCE +13
NVD
CVSS 2.0
9.3
EPSS
0.6%
CVE-2012-3963 CRITICAL Act Now

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Mozilla Memory Corruption Use After Free Firefox +13
NVD
CVSS 2.0
10.0
EPSS
2.3%
CVE-2012-3961 CRITICAL POC Act Now

Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
10.0
EPSS
2.1%
CVE-2012-3960 CRITICAL Act Now

Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
10.0
EPSS
2.3%
CVE-2012-3959 CRITICAL Act Now

Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +16
NVD
CVSS 2.0
10.0
EPSS
3.9%
CVE-2012-3957 CRITICAL Act Now

Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption RCE Firefox +13
NVD
CVSS 2.0
10.0
EPSS
3.0%
CVE-2012-3956 CRITICAL Act Now

Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
10.0
EPSS
2.3%
CVE-2012-1976 CRITICAL Act Now

Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +15
NVD
CVSS 2.0
10.0
EPSS
3.2%
CVE-2012-1975 CRITICAL Act Now

Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +16
NVD
CVSS 2.0
10.0
EPSS
3.3%
CVE-2012-1974 CRITICAL Act Now

Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +16
NVD
CVSS 2.0
10.0
EPSS
3.3%
CVE-2012-1973 CRITICAL Act Now

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +16
NVD
CVSS 2.0
10.0
EPSS
4.2%
CVE-2012-1972 CRITICAL Act Now

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service Buffer Overflow Memory Corruption +16
NVD
CVSS 2.0
10.0
EPSS
3.3%
CVE-2012-1970 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +14
NVD
CVSS 2.0
10.0
EPSS
0.9%
CVE-2012-1717 LOW PATCH Monitor

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Java Oracle Information Disclosure Jre Jdk +15
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-1938 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +12
NVD
CVSS 2.0
9.3
EPSS
1.2%
CVE-2012-0449 CRITICAL PATCH Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +7
NVD
CVSS 2.0
9.3
EPSS
3.9%
CVE-2012-0444 CRITICAL POC Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +8
NVD
CVSS 2.0
10.0
EPSS
8.6%
CVE-2012-0442 CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla RCE Firefox +7
NVD
CVSS 2.0
9.3
EPSS
1.4%
CVE-2012-0053 MEDIUM POC PATCH THREAT This Month

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 56.0%.

Apache Information Disclosure Http Server Debian Linux Opensuse +9
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
56.0%
Threat
4.0
CVE-2012-0031 MEDIUM POC This Month

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apache Http Server Debian Linux Opensuse +10
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
1.2%
EPSS 3% CVSS 9.3
CRITICAL PATCH Act Now

Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Denial Of Service Mozilla RCE +14
NVD
EPSS 3% CVSS 9.3
CRITICAL PATCH Act Now

The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection Mozilla RCE +9
NVD
EPSS 13% CVSS 9.3
CRITICAL PATCH Act Now

Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.4%.

Mozilla Use After Free Denial Of Service +17
NVD
EPSS 67% 4.8 CVSS 6.5
MEDIUM POC THREAT This Month

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 66.8%.

Denial Of Service Buffer Overflow Oracle +8
NVD Exploit-DB
EPSS 0% CVSS 7.2
HIGH This Week

Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qemu Xen +11
NVD
EPSS 2% CVSS 9.3
CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla +10
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Buffer Overflow Denial Of Service Mozilla +15
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 implement cross-origin wrappers with a filtering. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Mozilla XSS Firefox +12
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +16
NVD
EPSS 3% CVSS 9.3
CRITICAL PATCH Act Now

Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Mozilla Memory Corruption +14
NVD
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

The copyTexImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla +10
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Mozilla Denial Of Service +9
NVD
EPSS 1% CVSS 10.0
CRITICAL POC Act Now

Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Mozilla Denial Of Service +14
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Mozilla +14
NVD
EPSS 5% CVSS 9.3
CRITICAL POC Act Now

Heap-based buffer overflow in the nsWindow::OnExposeEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Mozilla Memory Corruption +15
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +11
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +12
NVD
EPSS 4% CVSS 9.3
CRITICAL POC Act Now

Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +17
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Use-after-free vulnerability in the nsPlaintextEditor::FireClipboardEvent function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +16
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +16
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +12
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +11
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 do not prevent use of a "top" frame. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Mozilla XSS Firefox +12
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

The XrayWrapper implementation in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 does not consider the compartment during property filtering, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Mozilla Information Disclosure Google +9
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

The HZ-GB-2312 character-set implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Firefox +13
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 assign the system principal, rather than the sandbox principal, to XMLHttpRequest objects created in sandboxes, which. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Mozilla Firefox +7
NVD
EPSS 2% CVSS 9.3
CRITICAL POC Act Now

The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla +9
NVD
EPSS 3% CVSS 9.3
CRITICAL PATCH Act Now

Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Mozilla Memory Corruption +14
NVD
EPSS 2% CVSS 4.3
MEDIUM POC This Month

The evalInSandbox implementation in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 uses an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Firefox +13
NVD
EPSS 1% CVSS 6.4
MEDIUM POC This Month

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mozilla Authentication Bypass Firefox +12
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla XSS Firefox +12
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla XSS Firefox +12
NVD
EPSS 1% CVSS 6.8
MEDIUM POC This Month

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla RCE Firefox +11
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly handle onLocationChange events during navigation between different https sites, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Firefox +11
NVD
EPSS 5% CVSS 5.0
MEDIUM This Month

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox +14
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Mozilla Memory Corruption +15
NVD
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Mozilla Denial Of Service Buffer Overflow +15
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Mozilla Memory Corruption +15
NVD
EPSS 2% CVSS 10.0
CRITICAL POC Act Now

Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mozilla Use After Free Denial Of Service +17
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +17
NVD
EPSS 4% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +18
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption +15
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +17
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +17
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +18
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +18
NVD
EPSS 4% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +18
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Use After Free Denial Of Service +18
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla +16
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Java Oracle Information Disclosure +17
NVD
EPSS 1% CVSS 9.3
CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla +14
NVD
EPSS 4% CVSS 9.3
CRITICAL PATCH Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Mozilla +9
NVD
EPSS 9% CVSS 10.0
CRITICAL POC Act Now

Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Mozilla +10
NVD
EPSS 1% CVSS 9.3
CRITICAL POC PATCH Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Mozilla +9
NVD
EPSS 56% 4.0 CVSS 4.3
MEDIUM POC PATCH THREAT This Month

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 56.0%.

Apache Information Disclosure Http Server +11
NVD Exploit-DB
EPSS 1% CVSS 4.6
MEDIUM POC This Month

scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apache Http Server +12
NVD Exploit-DB
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy