Lucene search

9802 matches found

RedHat Linux
added 2026/05/26 2:41 a.m., 10 views

firefox: thunderbird: Use-after-free in the DOM: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Networking component...

CVSS 7.5, AI score 5.7, EPSS 0.00317
Exploits: 0, References: 6

Amazon
added 2026/05/26 12:0 a.m., 18 views

Important: firefox

Issue Overview: In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. CVE-2026-45186 Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR...

CVSS 9.8, AI score 5.9, EPSS 0.00446
Exploits: 1

Amazon
added 2026/05/26 12:0 a.m., 14 views

Important: firefox

Issue Overview: In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. CVE-2026-45186 Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR...

CVSS 9.8, AI score 5.9, EPSS 0.00446
Exploits: 1

Positive Technologies
added 2026/05/26 12:0 a.m., 16 views

PT-2026-43403

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

CVSS 9.3, AI score 5.7, EPSS 0.0023
Exploits: 0, References: 2

Tenable Nessus
added 2026/05/26 12:0 a.m., 20 views

RHEL 9 : firefox (RHSA-2026:20574)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20574 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS 9.8, AI score 5.9, EPSS 0.00446
Exploits: 0, References: 8

Tenable Nessus
added 2026/05/26 12:0 a.m., 10 views

RHEL 8 : firefox (RHSA-2026:20566)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:20566 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

CVSS 9.8, AI score 5.9, EPSS 0.00446
Exploits: 0, References: 8

Tenable Nessus
added 2026/05/26 12:0 a.m., 18 views

TencentOS Server 3: thunderbird (TSSA-2026:0381)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0381 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 9.8, AI score 6.2, EPSS 0.04938
Exploits: 1, References: 26

Tenable Nessus
added 2026/05/26 12:0 a.m., 10 views

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2026:2039-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2039-1 advisory. This update for MozillaFirefox fixes the following issue Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-48 bsc1265212 -...

CVSS 9.8, AI score 6, EPSS 0.00605
Exploits: 0, References: 42

Tenable Nessus
added 2026/05/26 12:0 a.m., 22 views

TencentOS Server 3: firefox (TSSA-2026:0382)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0382 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 9.8, AI score 6.2, EPSS 0.04938
Exploits: 1, References: 26

AlmaLinux
added 2026/05/26 12:0 a.m., 17 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

CVSS 9.8, AI score 5.8, EPSS 0.00446
Exploits: 0, References: 8

OSV
added 2026/05/26 12:0 a.m., 10 views

ALSA-2026:20574 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

CVSS 9.8, AI score 5.8, EPSS 0.00446
Exploits: 0, References: 8

AlmaLinux
added 2026/05/26 12:0 a.m., 11 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

CVSS 9.8, AI score 5.8, EPSS 0.00446
Exploits: 0, References: 8

NVD
added 2026/05/25 11:16 p.m., 14 views

CVE-2026-45435

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Melapress WP Activity Log allows DOM-Based XSS. This issue affects WP Activity Log: from n/a through 5.6.3...

CVSS 6.5, EPSS 0.00197
Exploits: 0, References: 1

Positive Technologies
added 2026/05/25 12:0 a.m., 11 views

PT-2026-43148

Name of the Vulnerable Software and Affected Versions: WP Activity Log versions prior to 5.6.4. Description: Improper neutralization of input during web page generation in Melapress WP Activity Log allows for DOM-Based Cross-site Scripting (XSS), a flaw where the application contains client-side...

CVSS 6.5, AI score 5.8, EPSS 0.00197
Exploits: 0, References: 3

CNNVD
added 2026/05/25 12:0 a.m., 10 views

WordPress plugin WP Activity Log cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 6.5, AI score 5.7, EPSS 0.00197
Exploits: 0, References: 1

GithubExploit
added 2026/05/23 10:2 a.m., 74 views

xss_scanner

XSS Scanner – Automated Cross-Site Script Vulnerability Scanne...

AI score 5.9
Exploits: 0

Cvelist
added 2026/05/22 10:34 p.m., 21 views

CVE-2026-41149 Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive in Mermaid state...

CVSS 5.3, EPSS 0.00401
Exploits: 0, References: 3

Vulnrichment
added 2026/05/22 10:34 p.m., 7 views

CVE-2026-41149 Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Versions 10.9.5 and earlier, as well as 11.0.0-alpha.1 through 11.14.0, are vulnerable to HTML injection under the default configuration. Specifically, the classDef directive in Mermaid state...

CVSS 5.3, AI score 5.6, EPSS 0.00401
Exploits: 0, References: 3

OSV
added 2026/05/22 4:16 p.m., 6 views

UBUNTU-CVE-2026-42502

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

CVSS 6.1, AI score 6, EPSS 0.00178
Exploits: 0, References: 7

OSV
added 2026/05/22 4:16 p.m., 6 views

UBUNTU-CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

CVSS 6.1, AI score 6, EPSS 0.00178
Exploits: 0, References: 7