Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4293 matches found

OSV
OSVadded 2025/05/27 1:15 p.m.1 views

CVE-2025-5265

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected. Thi...

4.8CVSS6.2AI score0.00141EPSS
Exploits0References6
OSV
OSVadded 2025/05/27 1:15 p.m.6 views

CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbir...

4.8CVSS5.6AI score
Exploits0References8
NVD
NVDadded 2025/05/27 1:15 p.m.12 views

CVE-2025-5265

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...

4.8CVSS0.00141EPSS
Exploits0References6
NVD
NVDadded 2025/05/27 1:15 p.m.15 views

CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...

4.8CVSS0.00135EPSS
Exploits0References8
OSV
OSVadded 2025/05/27 1:15 p.m.0 views

UBUNTU-CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbir...

4.8CVSS6.9AI score0.00135EPSS
Exploits0References9
OSV
OSVadded 2025/05/27 1:15 p.m.1 views

UBUNTU-CVE-2025-5265

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected. Thi...

4.8CVSS6AI score0.00141EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2025/05/27 12:29 p.m.8 views

CVE-2025-5265 Potential local code execution in “Copy as cURL” command

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...

6.7AI score0.00141EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/05/27 12:29 p.m.17 views

CVE-2025-5265 Potential local code execution in “Copy as cURL” command

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...

0.00141EPSS
Exploits0References6
CVE
CVEadded 2025/05/27 12:29 p.m.101 views

CVE-2025-5265

CVE-2025-5265 concerns Firefox on Windows where the Copy as cURL feature improperly escapes the ampersand, enabling a crafted command to trigger local code execution. The impact is described as potentially allowing arbitrary code execution on the user’s system when the user runs the affected curl...

4.8CVSS6.7AI score0.00141EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2025/05/27 12:29 p.m.114 views

CVE-2025-5264

CVE-2025-5264 involves insufficient escaping of the newline character in Firefox/Thunderbird Copy as cURL functionality, enabling a user to be tricked into executing a crafted command locally. Affected: Firefox < 139, Firefox ESR < 115.24/128.11, Thunderbird

4.8CVSS7AI score0.00135EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichmentadded 2025/05/27 12:29 p.m.12 views

CVE-2025-5264 Potential local code execution in “Copy as cURL” command

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...

7AI score0.00135EPSS
Exploits0References6
Cvelist
Cvelistadded 2025/05/27 12:29 p.m.24 views

CVE-2025-5264 Potential local code execution in “Copy as cURL” command

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...

0.00135EPSS
Exploits0References6
Mozilla
Mozillaadded 2025/05/27 12:0 a.m.17 views

Security Vulnerabilities fixed in Firefox ESR 115.24 — Mozilla

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...

5.4CVSS6.6AI score0.00493EPSS
Exploits0References4Affected Software1
Mozilla
Mozillaadded 2025/05/27 12:0 a.m.14 views

Security Vulnerabilities fixed in Firefox ESR 128.11 — Mozilla

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...

8.1CVSS7.3AI score0.00493EPSS
Exploits0References8Affected Software1
Mozilla
Mozillaadded 2025/05/27 12:0 a.m.16 views

Security Vulnerabilities fixed in Thunderbird 139 — Mozilla

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...

7.5CVSS8.1AI score0.00493EPSS
Exploits0References10Affected Software1
Mozilla
Mozillaadded 2025/05/27 12:0 a.m.30 views

Security Vulnerabilities fixed in Firefox 139 — Mozilla

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. Error handling for script execution was incorrectly isolated from web content, which could ha...

7.5CVSS7.4AI score0.00493EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessusadded 2025/05/27 12:0 a.m.6 views

Mozilla Thunderbird < 139.0

The version of Thunderbird installed on the remote Windows host is prior to 139.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-45 advisory. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of...

8.1CVSS7.4AI score0.00493EPSS
Exploits0References11
Tenable Nessus
Tenable Nessusadded 2025/05/27 12:0 a.m.9 views

Mozilla Firefox ESR < 128.11

The version of Firefox ESR installed on the remote Windows host is prior to 128.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-44 advisory. - Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory...

8.1CVSS7.1AI score0.00493EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusadded 2025/05/27 12:0 a.m.12 views

Mozilla Thunderbird < 128.11

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-46 advisory. - Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of...

8.1CVSS7AI score0.00493EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusadded 2025/05/27 12:0 a.m.13 views

Mozilla Firefox ESR < 115.24

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.24. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-43 advisory. - A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing t...

5.4CVSS7.1AI score0.00493EPSS
Exploits0References5
Rows per page
Query Builder