Mozilla

Firefox

3184 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.75%
  • Veröffentlicht 30.04.2014 10:49:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code i...

Exploit
  • EPSS 1.17%
  • Veröffentlicht 29.03.2014 20:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it easier for attackers to bypass a profile-randomizatio...

  • EPSS 0.28%
  • Veröffentlicht 25.03.2014 13:25:38
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the SD card, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application.

Exploit
  • EPSS 8.1%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and app...

  • EPSS 5.08%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u...

Exploit
  • EPSS 0.38%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update.

Exploit
  • EPSS 2.83%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause...

  • EPSS 1.78%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger gene...

  • EPSS 1.94%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt.

  • EPSS 3.54%
  • Veröffentlicht 19.03.2014 10:55:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution.