CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

Debian CVE•added 2025/10/28 2:6 p.m.•6 views

CVE-2025-12380

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...

9.8CVSS8.4AI score0.0006EPSS

Exploits0

NVD•added 2025/10/14 1:15 p.m.•2 views

CVE-2025-11709

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

9.8CVSS0.00106EPSS

Exploits0References8

CVE•added 2025/10/14 12:27 p.m.•8 views

CVE-2025-11710

CVE-2025-11710 is reported across Mozilla products (Firefox and Thunderbird). A compromised web process could abuse malicious IPC messages to cause a privileged browser process to leak memory blocks to the compromised process. Affected: Firefox <144, Firefox ESR <115.29 and <140.4, Thund...

9.8CVSS7.3AI score0.00106EPSS

Exploits0References8Affected Software2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-10921

Malware in sbrugna...

4.3CVSS7AI score0.00186EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-0684

Malware in sbrugna...

4.7CVSS5.3AI score0.00223EPSS

Exploits0References4

NVD•added 2025/03/27 2:15 p.m.•26 views

CVE-2025-2857

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...

10CVSS0.00197EPSS

Exploits1References4

AlpineLinux•added 2024/10/01 4:15 p.m.•12 views

CVE-2024-9392

A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox 131, Firefox ESR 128.3, Firefox ESR 115.16, Thunderbird 128.3, and Thunderbird 131...

9.8CVSS6.6AI score0.00135EPSS

Exploits0References9

Cvelist•added 2024/10/01 3:13 p.m.•21 views

CVE-2024-9392

0.00135EPSS

Exploits0References7

Debian CVE•added 2024/10/01 3:13 p.m.•9 views

CVE-2024-9392

9.8CVSS8.4AI score0.00135EPSS

Exploits0

CNNVD•added 2024/03/20 12:0 a.m.•2 views

OpenVPN 安全漏洞

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information and allows the created VPN to be authenticated using a public key, an electronic certificate, or a...

9.8CVSS6.6AI score0.11092EPSS

Exploits0References5

NVD•added 2024/02/21 7:15 p.m.•10 views

CVE-2023-50975

The TD Bank TD Advanced Dashboard client through 3.0.3 for macOS allows arbitrary code execution because of the lack of electron::fuses::IsRunAsNodeEnabled i.e., ELECTRONRUNASNODE can be used in production. This makes it easier for a compromised process to access banking information...

8.4CVSS7.2AI score0.00053EPSS

Exploits0References3

Debian CVE•added 2024/01/23 1:48 p.m.•16 views

CVE-2024-0748

A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox 122...

4.3CVSS7.2AI score0.00163EPSS

Exploits0

RedHat Linux•added 2023/12/12 10:47 a.m.•1 views

tracker-miners: sandbox escape

A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability...

7.7CVSS5.9AI score0.00045EPSS

Exploits1References4

Kitploit•added 2023/11/20 11:30 a.m.•25 views

MemTracer - Memory Scaner

MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack traces hidden in memory. The MemTracer is implemented in Python language, aiming to detect reflectively loaded native .NET framework Dynamic-Link...

6.9AI score

Exploits0References1

NVD•added 2023/09/27 3:19 p.m.•20 views

CVE-2023-5168

A compromised content process could have provided malicious data to FilterNodeD2D1 resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects...

9.8CVSS8.7AI score0.00256EPSS

Exploits0References4

UbuntuCve•added 2023/09/27 3:19 p.m.•26 views

CVE-2023-5168

9.8CVSS7.1AI score0.00256EPSS

Exploits0References8

Prion•added 2023/09/27 3:19 p.m.•21 views

Out-of-bounds

7.5CVSS8.6AI score0.00256EPSS

Exploits0References4Affected Software3

AlpineLinux•added 2023/09/27 2:13 p.m.•27 views

CVE-2023-5169

A compromised content process could have provided malicious data in a PathRecording resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...

6.5CVSS7.6AI score0.0024EPSS

Exploits0

Vulnrichment•added 2023/09/27 2:13 p.m.•15 views

CVE-2023-5169

6.2AI score0.0024EPSS

Exploits0References9

SUSE CVE•added 2023/06/22 2:52 a.m.•1 views

SUSE CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

10CVSS8.2AI score0.00422EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by