Lucene search
K

24 matches found

NVD
NVD
added 2026/06/28 12:17 p.m.10 views

CVE-2026-13491

A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqttprotocol.cc of the component MQTT Goodbye Handler. Performing a manipulation of the argument sessionid results in denial of service. The...

6.3CVSS0.00411EPSS
Exploits0References8
CVE
CVE
added 2026/06/28 11:15 a.m.16 views

CVE-2026-13491

The CVE-2026-13491 entry concerns 78 xiaozhi-esp32 (up to version 2.2.6) and identifies a vulnerability in the MQTT Goodbye Handler. The issue lies in Application::GetInstance within main/protocols/mqtt_protocol.cc, where manipulating the session_id argument can trigger a denial of service. The a...

6.3CVSS5AI score0.00411EPSS
Exploits0References8
OSV
OSV
added 2026/05/29 8:44 a.m.8 views

BIT-JOOMLA-2026-48901 Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects

The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...

7.5CVSS5.8AI score0.00245EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 4:42 p.m.11 views

EUVD-2026-31871

The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...

5.8AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2026/04/09 6:16 p.m.6 views

CVE-2025-63238

A Reflected Cross-Site Scripting XSS affects LimeSurvey versions prior to 6.15.11+250909, due to the lack of validation of gid parameter in getInstance function in application/models/QuestionCreate.php. This allows an attacker to craft a malicious URL and compromise the logged in user...

6.1CVSS0.00227EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/09 6:9 p.m.5 views

Cross-site Scripting (XSS)

Overview limesurvey/limesurvey is a FOSS online survey tool on the web. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the getInstance function when processing the gid parameter. An attacker can execute arbitrary JavaScript in the context of a logged-in user by...

6.1CVSS5.8AI score0.00227EPSS
Exploits1References2
CVE
CVE
added 2026/04/09 12:0 a.m.20 views

CVE-2025-63238

CVE-2025-63238 is a reported Reflected Cross‑Site Scripting (XSS) in LimeSurvey prior to 6.15.11+250909. The vulnerability stems from missing validation of the gid parameter in getInstance() within application/models/QuestionCreate.php, allowing an attacker to craft a malicious URL that could com...

6.1CVSS5.9AI score0.00227EPSS
Exploits1References2Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2025/11/14 12:0 a.m.13 views

[20260517] - Core - Incorrect Cache Key Construction for InputFilter objects

The InputFilter::getInstance method omitted a security sensitive parameter from the instance cache key...

7.5CVSS5.8AI score0.00245EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/11/12 1:48 a.m.9 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/12 1:36 a.m.7 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/30 4:52 a.m.4 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/10/23 12:0 a.m.3 views

The vulnerability of the MediaTrackGraphImpl::GetInstance function in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a malicious actor to execute arbitrary code.

The vulnerability of the MediaTrackGraphImpl::GetInstance function in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

10CVSS7.5AI score0.00475EPSS
Exploits0References15Affected Software5
Tenable Nessus
Tenable Nessus
added 2025/10/20 12:0 a.m.3 views

FreeBSD : Mozilla -- Use-after-free (85c17eb8-ad02-11f0-b2aa-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 85c17eb8-ad02-11f0-b2aa-b42e991fc52e advisory. [email protected] reports: Use-after-free in MediaTrackGraphImpl::GetInstance Tenable has extracted...

9.8CVSS8.2AI score0.00475EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/10/15 4:41 p.m.7 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/15 4:0 p.m.6 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References6
OSV
OSV
added 2025/10/14 1:15 p.m.5 views

UBUNTU-CVE-2025-11708

Use-after-free in MediaTrackGraphImpl::GetInstance. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

9.8CVSS7.3AI score0.00475EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2025/10/14 12:27 p.m.3 views

CVE-2025-11708

Use-after-free in MediaTrackGraphImpl::GetInstance. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/10/14 12:27 p.m.5 views

CVE-2025-11708 Use-after-free in MediaTrackGraphImpl::GetInstance()

Use-after-free in MediaTrackGraphImpl::GetInstance. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

7.2AI score0.00475EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2025/10/14 12:0 a.m.10 views

Mozilla -- Use-after-free

[email protected] reports: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7AI score0.00475EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2022/07/25 1:45 p.m.70 views

java-1.8.0-openjdk security, bug fix, and enhancement update

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...

7.5CVSS7.1AI score0.17673EPSS
Exploits2
Rows per page
Query Builder