Lucene search
K

1543 matches found

Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30001

Impact Apps that register an asynchronous session.setPermissionRequestHandler may be vulnerable to a use-after-free when handling fullscreen, pointer-lock, or keyboard-lock permission requests. If the requesting frame navigates or the window closes while the permission handler is pending, invokin...

7.5CVSS5.9AI score0.00287EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-38110

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in Fullscreen on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use...

9.6CVSS5.8AI score0.00344EPSS
Exploits0References138
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.6 views

CVE-2025-47666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image FullScreen Background: from n/a through = 1.6.7...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:15 p.m.5 views

CVE-2025-47666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

7.1CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.10 views

CVE-2025-47666

CVE-2025-47666 is a reflected Cross-Site Scripting vulnerability in LambertGroup Image&Video FullScreen Background (lbg_fullscreen_fullwidth_slider) affecting versions through 1.6.7. The issue, described in multiple sources, arises from improper input neutralization during web page generation and...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.3 views

CVE-2025-47666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image FullScreen Background: from n/a through = 1.6.7...

6.1CVSS5.3AI score0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.21 views

CVE-2025-47666 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

7.1CVSS0.00263EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.4 views

CVE-2025-47666 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...

7.1CVSS5.9AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.8 views

PT-2026-3965

Name of the Vulnerable Software and Affected Versions LambertGroup Image&Video FullScreen Background versions through 1.6.7 Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting XSS. This means that...

5.3AI score0.00263EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.6 views

WordPress plugin lbg_fullscreen_fullwidth_slider has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.1CVSS5.7AI score0.00263EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : firefox-102.10.0-1.0.1.el7.AXS7 (AXSA:2023-5303:17)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5303:17 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp BZ2186102 Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory...

8.8CVSS7.4AI score0.00741EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : firefox-102.7.0-1.el8.ML.1 (AXSA:2023-4857:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4857:04 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...

8.8CVSS8.3AI score0.00892EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

8.8CVSS8.1AI score0.0202EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : thunderbird-102.5.0-2.el9.ML.1 (AXSA:2023-5045:06)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5045:06 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...

9.8CVSS8.2AI score0.01061EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 7 : firefox-91.3.0-1.0.1.el7.AXS7 (AXSA:2021-2530:32)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2530:32 advisory. Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules d...

10CVSS8.6AI score0.0383EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 7 : firefox-102.8.0-2.0.1.el7.AXS7 (AXSA:2023-5143:11)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5143:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

8.8CVSS8.3AI score0.00817EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : firefox-102.8.0-2.el8.ML.1 (AXSA:2023-5141:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5141:10 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

8.8CVSS8.6AI score0.00817EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 9 : thunderbird-91.9.0-3.el9.ML.1 (AXSA:2022-3963:16)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3963:16 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

9.8CVSS7.8AI score0.01005EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : thunderbird-102.13.0-2.el8.ML.1 (AXSA:2023-6238:20)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6238:20 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...

8.8CVSS8.4AI score0.00755EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : firefox-91.9.0-1.el8.ML.1 (AXSA:2022-3174:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3174:10 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

9.8CVSS8.5AI score0.01005EPSS
Exploits3References7
Rows per page
Query Builder