Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-19088

Malicious code in bioql PyPI...

9.8CVSS8.9AI score0.00244EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-6433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would ...

9.8CVSS7.3AI score0.00244EPSS
Exploits0References2
Mozilla
Mozilla
added 2025/07/02 12:0 a.m.23 views

Security Vulnerabilities fixed in Thunderbird 140 — Mozilla

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. Th...

9.8CVSS7.6AI score0.03057EPSS
Exploits0References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/02 12:0 a.m.2 views

Mozilla Thunderbird < 140.0

The version of Thunderbird installed on the remote Windows host is prior to 140.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-54 advisory. - Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory...

9.8CVSS7.1AI score0.03057EPSS
Exploits0References12
NVD
NVD
added 2025/06/24 1:15 p.m.7 views

CVE-2025-6433

If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This...

9.8CVSS0.00244EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/24 12:28 p.m.2 views

CVE-2025-6433 WebAuthn would allow a user to sign a challenge on a webpage with an invalid TLS certificate

If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This...

7.2AI score0.00244EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/24 12:0 a.m.8 views

PT-2025-26730

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 140 Description: The issue arises when a user visits a webpage with an invalid TLS certificate and grants an exception. In this scenario, the webpage can provide a WebAuthn challenge that the user is prompted to...

9.8CVSS7.8AI score0.09348EPSS
Exploits2References162
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.6 views

Astra Linux – Vulnerability in Firefox

If a user visited a webpage with an invalid TLS certificate and granted an exception, the webpage was able to present a WebAuthn challenge that the user was prompted to complete. This violates the WebAuthN specification, which requires a secure transport connection without errors. This...

9.8CVSS5.4AI score0.00244EPSS
Exploits0References3
Rows per page
Query Builder