Lucene search
K

45 matches found

Debian CVE
Debian CVE
added 2026/03/24 12:30 p.m.3 views

CVE-2026-4727

Denial-of-service in the Libraries component in NSS. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

7.5CVSS7.9AI score0.0053EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/09 9:34 a.m.9 views

firefox: thunderbird: Information disclosure in the Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Networking component...

5.3CVSS5.7AI score0.00411EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/05 1:57 a.m.5 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

8CVSS5.7AI score0.00287EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.7 views

Mozilla Firefox < 3.0.18

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 3.0.18. It is, therefore, affected by a vulnerability as referenced in the mfsa2010-05 advisory. - Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support th...

4.3CVSS8.1AI score0.02965EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/28 12:0 a.m.4 views

PT-2025-44159

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144.0.2 Description A compromised child process could trigger a use-after-free in the GPU or browser process through WebGPU-related IPC calls. This could potentially allow for escaping the child process sandbox...

10CVSS6.5AI score0.00308EPSS
Exploits0References18
AlpineLinux
AlpineLinux
added 2025/09/16 1:15 p.m.1 views

CVE-2025-10529

Same-origin policy bypass in the Layout component. This vulnerability affects Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

6.5CVSS6.1AI score0.00281EPSS
Exploits0References7
CVE
CVE
added 2025/09/16 12:26 p.m.49 views

CVE-2025-10527

The CVE-2025-10527 entry corresponds to a sandbox escape via use-after-free in the Graphics: Canvas2D component. Affected products include Firefox &lt;143, Firefox ESR &lt;140.3, Thunderbird &lt;143, and Thunderbird

7.1CVSS7AI score0.00258EPSS
Exploits0References7Affected Software2
Positive Technologies
Positive Technologies
added 2025/08/19 12:0 a.m.8 views

PT-2025-33870

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 142 Firefox ESR versions prior to 140.2 Thunderbird versions prior to 142 Thunderbird ESR versions prior to 140.2 Description: Memory safety bugs are present in the software, with some showing evidence of memory...

9.8CVSS9.4AI score0.09348EPSS
Exploits2References150
OSV
OSV
added 2025/04/29 2:15 p.m.8 views

UBUNTU-CVE-2025-4088

A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability was fixed in...

6.5CVSS6.5AI score0.00153EPSS
Exploits0References7
OSV
OSV
added 2024/03/19 12:15 p.m.2 views

DEBIAN-CVE-2024-2612

If an attacker could find a way to trigger a particular code path in SafeRefPtr, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9...

8.1CVSS7.1AI score0.00971EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/01/25 2:48 a.m.3 views

SUSE CVE-2024-0742

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

4.3CVSS6.2AI score0.00596EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.6 views

SUSE CVE-2010-2770

Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 on Mac OS X allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted font in a data...

9.3CVSS7.9AI score0.03749EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.4 views

SUSE CVE-2011-3079

The Inter-process Communication IPC implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors...

10CVSS8.8AI score0.01445EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.2 views

SUSE CVE-2013-1686

Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption vi...

10CVSS9.3AI score0.05397EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.4 views

SUSE CVE-2013-5619

Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...

7.5CVSS9.2AI score0.03707EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5376

Use-after-free while manipulating XSL in XSLT documents. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and Firefox 51...

9.8CVSS6.9AI score0.03208EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5391

Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox 51...

9.8CVSS6.4AI score0.01793EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.2 views

SUSE CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

4.3CVSS8.3AI score0.01097EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.4 views

SUSE CVE-2017-7826

Memory safety bugs were reported in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 57, Firefox ESR 52.5, and Thunderbird...

7.5CVSS9.4AI score0.03343EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:14 a.m.3 views

SUSE CVE-2019-9814

Mozilla developers and community members reported memory safety bugs present in Firefox 66. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox 67...

7.5CVSS9.3AI score0.01312EPSS
Exploits0References4
Rows per page
Query Builder