Lucene search
K

16 matches found

RedHat Linux
RedHat Linux
added 2025/11/10 1:56 a.m.6 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/10/21 8:29 p.m.10 views

CVE-2025-62656

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation MediaWiki GlobalBlocking extension allows Stored XSS.This issue affects MediaWiki GlobalBlocking extension: 1.43, 1.44...

5.8CVSS6AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/10/21 5:15 a.m.3 views

UBUNTU-CVE-2025-62702

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - PageTriage Extension allows Stored XSS.This issue affects Mediawiki - PageTriage Extension: from master before 1.44...

6.9CVSS5.8AI score0.00311EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/20 8:15 p.m.3 views

CVE-2025-62656 GlobalBlocking Special:GlobalBlockList vulnerable to message key stored XSS

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation MediaWiki GlobalBlocking extension allows Stored XSS.This issue affects MediaWiki GlobalBlocking extension: 1.43, 1.44...

5.8CVSS5.7AI score0.00245EPSS
Exploits0References1
CVE
CVE
added 2025/10/20 8:15 p.m.12 views

CVE-2025-62656

CVE-2025-62656 concerns a stored XSS in the Wikimedia Foundation MediaWiki GlobalBlocking extension. The connected sources confirm the vulnerability arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. Affected versions are MediaWiki Globa...

5.8CVSS5.7AI score0.00245EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 1:15 p.m.4 views

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

9.8CVSS5.8AI score0.00323EPSS
Exploits0References3
OSV
OSV
added 2025/10/14 1:15 p.m.1 views

DEBIAN-CVE-2025-11715

Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.8CVSS8.5AI score0.00299EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/10/14 12:27 p.m.3 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS5.3AI score0.00244EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.7 views

PT-2025-41898

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144 Firefox ESR versions prior to 115.29 Firefox ESR versions prior to 140.4 Thunderbird versions prior to 144 Thunderbird versions prior to 140.4 Description A compromised web process utilizing malicious Inter-Proces...

10CVSS8.7AI score0.09348EPSS
Exploits2References316
RedhatCVE
RedhatCVE
added 2025/05/23 6:6 a.m.5 views

CVE-2023-21987

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

7.8CVSS6.5AI score0.00671EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:52 a.m.3 views

CVE-2023-22001

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

4.6CVSS4.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/10 12:0 a.m.6 views

Linux ConnMan 安全漏洞

Linux ConnMan is an application from the Linux community in the United States. It provides Intel's Modular Network Connection Manager. A security vulnerability exists in Linux ConnMan versions 1.44 and earlier, which stems from a TC bit setting in the DNS response resulting in a denial of service...

9CVSS6.6AI score0.00448EPSS
Exploits0References2
OSV
OSV
added 2023/04/18 8:15 p.m.5 views

UBUNTU-CVE-2023-21990

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

8.2CVSS6.8AI score0.00332EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/04/18 12:0 a.m.7 views

Oracle Virtualization 安全漏洞

Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software architecture from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the...

4.6CVSS7.2AI score0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/18 12:0 a.m.5 views

Oracle Virtualization 安全漏洞

Oracle Virtualization is a suite of virtualization solutions from Oracle. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center. A security vulnerability exists in the Cor...

7.8CVSS7.8AI score0.00671EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.6 views

PT-2023-2788 · Oracle +2 · Virtualbox +2

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.44 Oracle VM VirtualBox versions prior to 7.0.8 Description: The issue is related to a use-after-free vulnerability in the Core component of Oracle VM VirtualBox, allowing a high-privileged attacker...

8.8CVSS5.9AI score0.02167EPSS
Exploits1References146
Rows per page
Query Builder