16 matches found
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...
CVE-2025-62656
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation MediaWiki GlobalBlocking extension allows Stored XSS.This issue affects MediaWiki GlobalBlocking extension: 1.43, 1.44...
UBUNTU-CVE-2025-62702
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - PageTriage Extension allows Stored XSS.This issue affects Mediawiki - PageTriage Extension: from master before 1.44...
CVE-2025-62656 GlobalBlocking Special:GlobalBlockList vulnerable to message key stored XSS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation MediaWiki GlobalBlocking extension allows Stored XSS.This issue affects MediaWiki GlobalBlocking extension: 1.43, 1.44...
CVE-2025-62656
CVE-2025-62656 concerns a stored XSS in the Wikimedia Foundation MediaWiki GlobalBlocking extension. The connected sources confirm the vulnerability arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. Affected versions are MediaWiki Globa...
CVE-2025-11719
Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...
DEBIAN-CVE-2025-11715
Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...
CVE-2025-11720
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...
PT-2025-41898
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144 Firefox ESR versions prior to 115.29 Firefox ESR versions prior to 140.4 Thunderbird versions prior to 144 Thunderbird versions prior to 140.4 Description A compromised web process utilizing malicious Inter-Proces...
CVE-2023-21987
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
CVE-2023-22001
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
Linux ConnMan 安全漏洞
Linux ConnMan is an application from the Linux community in the United States. It provides Intel's Modular Network Connection Manager. A security vulnerability exists in Linux ConnMan versions 1.44 and earlier, which stems from a TC bit setting in the DNS response resulting in a denial of service...
UBUNTU-CVE-2023-21990
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
Oracle Virtualization 安全漏洞
Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software architecture from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the...
Oracle Virtualization 安全漏洞
Oracle Virtualization is a suite of virtualization solutions from Oracle. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center. A security vulnerability exists in the Cor...
PT-2023-2788 · Oracle +2 · Virtualbox +2
Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.44 Oracle VM VirtualBox versions prior to 7.0.8 Description: The issue is related to a use-after-free vulnerability in the Core component of Oracle VM VirtualBox, allowing a high-privileged attacker...