CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4440 matches found

Vulnrichment•added 2025/12/16 10:54 p.m.•2 views

CVE-2025-14766

Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.7AI score0.00151EPSS

Exploits0References2

Hive Pro Threat Advisories•added 2025/12/16 2:0 p.m.•8 views

IE Mode: A Window to the Web – or to Attackers?

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Recently, Internet Explorer IE Mode has been weaponized by threat actors through multiple zero-day...

7.5CVSS8AI score0.92959EPSS

Exploits7

Tenable Nessus•added 2025/12/16 12:0 a.m.•1 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:4397-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4397-1 advisory. Update to Mozilla Thunderbird 140.6 bsc1254551. - MFSA 2025-96 CVE-2025-14321: use-after-free in...

9.8CVSS8.7AI score0.00103EPSS

Exploits2References22

Redos•added 2025/12/16 12:0 a.m.•2 views

ROS-20251216-7368

A vulnerability in the V8 JavaScript script handler of Google Chrome and Microsoft Edge browsers is related to reading data outside the buffer boundaries in memory. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

4.3CVSS6.8AI score0.00029EPSS

Exploits0

Redos•added 2025/12/16 12:0 a.m.•1 views

ROS-20251216-7359

A vulnerability in the V8 JavaScript script handler of Google Chrome and Microsoft Edge browsers is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

8.8CVSS7.5AI score0.00068EPSS

Exploits0

CNNVD•added 2025/12/16 12:0 a.m.•1 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome prior to version 143.0.7499.147, which stems from V8 out-of-bounds reads and writes that could lead to heap corruption...

8.8CVSS6.1AI score0.00151EPSS

Exploits0References3

Mageia•added 2025/12/15 8:6 p.m.•5 views

Updated thunderbird packages fix security vulnerabilities

Use-after-free in the WebRTC: Signaling component. CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. CVE-2025-14322 Privilege escalation in the DOM: Notifications component. CVE-2025-14323 IT miscompilation in the JavaScript Engine: JIT...

9.8CVSS7.8AI score0.00103EPSS

Exploits2References3

OSV•added 2025/12/15 8:6 p.m.•5 views

MGASA-2025-0328 Updated nspr, nss & firefox packages fix security vulnerabilities

9.8CVSS7.6AI score0.00103EPSS

Exploits2References10

OSV•added 2025/12/15 8:6 p.m.•2 views

MGASA-2025-0329 Updated thunderbird packages fix security vulnerabilities

9.8CVSS7.6AI score0.00103EPSS

Exploits2References4

OSV•added 2025/12/15 11:26 a.m.•1 views

SUSE-SU-2025:4397-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.6 bsc1254551. - MFSA 2025-96 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL...

9.8CVSS5.8AI score0.00103EPSS

Exploits2References12

SUSE Linux•added 2025/12/15 11:24 a.m.•4 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.6.0 ESR bsc1254551. MFSA 2025-94 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics:...

8.8CVSS7.7AI score0.00103EPSS

Exploits2References22

OSV•added 2025/12/15 11:24 a.m.•1 views

SUSE-SU-2025:4396-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.6.0 ESR bsc1254551. - MFSA 2025-94 CVE-2025-14321: use-after-free in the WebRTC: Signaling component. CVE-2025-14322: sandbox escape due to incorrect boundary conditions in the Graphics:...

9.8CVSS5.8AI score0.00103EPSS

Exploits2References12

Tenable Nessus•added 2025/12/12 12:0 a.m.•4 views

AlmaLinux 10 : firefox (ALSA-2025:23035)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:23035 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in...

9.8CVSS8.7AI score0.00103EPSS

Exploits2References12

RedHat Linux•added 2025/12/11 2:8 p.m.•3 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00083EPSS

Exploits0References5

RedHat Linux•added 2025/12/11 2:8 p.m.•2 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS5.7AI score0.00072EPSS

Exploits0References5

RedHat Linux•added 2025/12/11 2:8 p.m.•16 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS7.3AI score0.00103EPSS

Exploits2References11

RedHat Linux•added 2025/12/11 2:8 p.m.•4 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

7.3CVSS5.7AI score0.00103EPSS

Exploits1References5

Malwarebytes•added 2025/12/11 11:58 a.m.•8 views

[Updated] Another Chrome zero-day under attack: update now

Google issued an extra patch for a security vulnerability in Chrome that is being actively exploited, and it's urging users to update. The patch fixes three flaws in Chrome, and for one of them Google says an exploit already exists in the wild. Chrome is by far the world’s most popular browser,...

9.8CVSS7.9AI score0.4686EPSS

Exploits20

OSV•added 2025/12/11 9:9 a.m.•5 views

RLSA-2025:23035 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

7.5CVSS7.2AI score0.00103EPSS

Exploits2References11

SUSE CVE•added 2025/12/11 12:46 a.m.•2 views

SUSE CVE-2025-14324

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

8.8CVSS7.2AI score0.00072EPSS

Exploits0References15

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by