1274 matches found
CVE-2026-0877
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
Microsoft Inbox COM Objects 资源管理错误漏洞
Microsoft Inbox COM Objects is a built-in COM component for the Windows operating system from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Inbox COM Objects. An attacker can exploit this vulnerability to remotely execute code...
Mozilla Firefox和Mozilla Firefox ESR 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...
CVE-2025-69275 Spectrum outdated java library in class-path
Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier...
CVE-2026-22518 WordPress X Addons for Elementor plugin <= 1.0.23 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pencilwp X Addons for Elementor x-addons-elementor allows DOM-Based XSS.This issue affects X Addons for Elementor: from n/a through = 1.0.23...
CVE-2025-68867
CVE-2025-68867 affects the WordPress plugin Effect Maker (effect-maker) by anibalwainstein. The issue is authenticated, stored Cross-Site Scripting in Effect Maker
PT-2026-2195
Name of the Vulnerable Software and Affected Versions pencilwp X Addons for Elementor versions through 1.0.23 Description An issue exists in pencilwp X Addons for Elementor that allows for DOM-Based Cross-site Scripting XSS. This is due to improper neutralization of input during web page...
CVE-2024-30461
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tumult Inc Tumult Hype Animations allows DOM-Based XSS.This issue affects Tumult Hype Animations: from n/a through 1.9.11...
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...
PT-2026-1492
Name of the Vulnerable Software and Affected Versions Shazdeh Header Image Slider versions through 0.3 Description The Shazdeh Header Image Slider software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting XSS condition. Thi...
DEBIAN-CVE-2025-65110
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. Prior to versions 6.1.2 and 5.6.3, applications meeting two conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used...
CVE-2023-51513
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...
CVE-2023-51513 WordPress Geo Controller plugin <= 8.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in INTINITUM FORM Geo Controller allows DOM-Based XSS.This issue affects Geo Controller: from n/a through 8.5.2...
EUVD-2023-53191
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in KlbTheme Machic Core allows DOM-Based XSS.This issue affects Machic Core: from n/a through 1.2.6...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...
firefox: thunderbird: Privilege escalation in the DOM: Notifications component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Notifications component...