CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1207 matches found

Positive Technologies•added 6 days ago•6 views

PT-2026-46510

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted video file...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

Positive Technologies•added 6 days ago•6 views

PT-2026-46469

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A race condition in Codecs allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

Positive Technologies•added 6 days ago•5 views

PT-2026-46489

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape i...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

Positive Technologies•added 6 days ago•5 views

PT-2026-46623

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

Positive Technologies•added 6 days ago•5 views

PT-2026-46734

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Codecs allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Use after free is a memory...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

Positive Technologies•added 6 days ago•5 views

PT-2026-46725

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

Positive Technologies•added 6 days ago•5 views

PT-2026-46566

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in Codecs, which could allow a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used ...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

RedHat Linux•added 2026/06/01 3:41 p.m.•16 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00062EPSS

Exploits0References6

RedHat Linux•added 2026/06/01 3:41 p.m.•14 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00049EPSS

Exploits0References6

OSV•added 2026/05/30 6:3 p.m.•25 views

RLSA-2026:21378 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

7.5CVSS5.9AI score0.00109EPSS

Exploits0References19

SUSE Linux•added 2026/05/29 7:21 a.m.•14 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-41, MFSA 2026-48 bsc1265212, bsc1264378: CVE-2026-8090: Use-after-free in the DOM: Networking component. CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2,...

8.8CVSS5.9AI score0.00164EPSS

Exploits0References52

OSV•added 2026/05/29 7:21 a.m.•6 views

SUSE-SU-2026:2109-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-41, MFSA 2026-48 bsc1265212, bsc1264378: - CVE-2026-8090: Use-after-free in the DOM: Networking component. - CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2,...

9.8CVSS5.9AI score0.00164EPSS

Exploits0References27

Mageia•added 2026/05/29 5:12 a.m.•16 views

Updated nspr, nss and firefox(-l10n) packages fix security issues

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00109EPSS

Exploits0References5

OSV•added 2026/05/29 5:12 a.m.•11 views

MGASA-2026-0165 Updated nspr, nss and firefox(-l10n) packages fix security issues

9.8CVSS5.9AI score0.00109EPSS

Exploits0References6

Mageia•added 2026/05/29 5:12 a.m.•12 views

Updated thunderbird(-l10n) packages fix security vulnerabilities

9.8CVSS5.9AI score0.00109EPSS

Exploits0References3

OSV•added 2026/05/29 5:12 a.m.•10 views

MGASA-2026-0164 Updated thunderbird(-l10n) packages fix security vulnerabilities

9.8CVSS5.9AI score0.00109EPSS

Exploits0References4

Rockylinux•added 2026/05/29 12:0 a.m.•12 views

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

9.8CVSS5.9AI score0.00109EPSS

Exploits0

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

AlmaLinux 8 : firefox (ALSA-2026:21382)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:21382 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

9.8CVSS5.9AI score0.00109EPSS

Exploits0References20

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

AlmaLinux 10 : firefox (ALSA-2026:21380)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:21380 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

9.8CVSS5.9AI score0.00109EPSS

Exploits0References20

Tenable Nessus•added 2026/05/28 12:0 a.m.•10 views

RHEL 10 : firefox (RHSA-2026:21380)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:21380 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS6AI score0.00109EPSS

Exploits0References38

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by