Lucene search
+L

131 matches found

CVE
CVE
added 2025/11/11 3:47 p.m.19 views

CVE-2025-13017

Mode C: CVE-2025-13017 is a same-origin policy bypass in the DOM: Notifications component, affecting Firefox before 145 (and ESR before 140.5) and Thunderbird before 145 (and ESR before 140.5). Connected advisories confirm this CVE alongside other Firefox DOM/JSWA issues and list concrete mitigat...

8.1CVSS7.2AI score0.00251EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2025/11/11 3:47 p.m.8 views

CVE-2025-13017

Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

8.1CVSS7.7AI score0.00251EPSS
Exploits0
Cvelist
Cvelist
added 2025/11/11 3:47 p.m.12 views

CVE-2025-13017 Same-origin policy bypass in the DOM: Notifications component

Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

0.00251EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/11/11 3:47 p.m.7 views

CVE-2025-13017

Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

8.1CVSS7.2AI score0.00251EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security bypass vulnerability exists in Mozilla Firefox and Firefox ESR due to a same-origin policy bypass in the DOM:Notifications component. An attacker can exploit this...

8.1CVSS6.2AI score0.00251EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.3 views

Mozilla Firefox ESR < 140.5

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-88 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145 and Firefox...

8.8CVSS6.1AI score0.00449EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-13017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird...

8.1CVSS7.3AI score0.00251EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.9 views

PT-2025-46357

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 145 Firefox ESR versions prior to 140.5 Description A same-origin policy bypass exists within the DOM Notifications component. This allows for potential unauthorized access or manipulation of data due to insufficient...

9.8CVSS6.6AI score0.09348EPSS
Exploits2References207
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.1 views

Mozilla Firefox ESR < 140.5

The version of Firefox ESR installed on the remote Windows host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-88 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145 and Firefox ESR 140.5...

8.8CVSS6.1AI score0.00449EPSS
Exploits0References10
FreeBSD
FreeBSD
added 2025/11/11 12:0 a.m.6 views

firefox -- Use-after-free

https://bugzilla.mozilla.org/showbug.cgi?id=1995686 reports: Use-after-free in the WebRTC: Audio/Video component. Same-origin policy bypass in the DOM: Workers component. Mitigation bypass in the DOM: Security component. Same-origin policy bypass in the DOM: Notifications component. Incorrect...

8.8CVSS6.6AI score0.00449EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.2 views

PT-2025-49850

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 115.31 Firefox ESR versions prior to 140.6 Description A privilege escalation issue exists in the DOM Notifications component. This allows for potential unauthorized access or control...

10CVSS6.7AI score0.09348EPSS
Exploits2References226
Rows per page
Query Builder