Mozilla

Firefox

3102 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.9

CVE-2014-1515

  • EPSS 0.07%
  • Veröffentlicht 25.03.2014 13:25:38
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application.

10

CVE-2014-1493

Exploit
  • EPSS 1.47%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and app...

9.3

CVE-2014-1494

  • EPSS 0.56%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...

5.5

CVE-2014-1496

Exploit
  • EPSS 0.06%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.

8.8

CVE-2014-1497

Exploit
  • EPSS 0.5%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause...

5

CVE-2014-1498

  • EPSS 0.55%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger gene...

4.3

CVE-2014-1499

  • EPSS 0.61%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

5

CVE-2014-1500

  • EPSS 2.26%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.

5.8

CVE-2014-1501

  • EPSS 0.23%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

6.8

CVE-2014-1502

  • EPSS 0.28%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecifi...