CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2104 matches found

Mozilla•added 2025/11/11 12:0 a.m.•8 views

Security Vulnerabilities fixed in Firefox ESR 140.5 — Mozilla

CVE-2025-13012: Race condition in the Graphics component Reporter Irvan Kurniawan Impact high References Bug 1991458 CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component Reporter Igor Morgenstern Impact high References Bug 1992130 CVE-2025-13017: Same-origin poli...

8.8CVSS6.7AI score0.00401EPSS

Exploits0References9Affected Software1

Positive Technologies•added 2025/11/11 12:0 a.m.•8 views

PT-2025-46356

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 145 Mozilla Firefox ESR versions prior to 140.5 Thunderbird versions prior to 145 Thunderbird versions prior to 140.5 Mozilla Firefox ESR versions prior to 140.5.0esr-1deb11u1 Mozilla Firefox ESR versions prio...

10CVSS8.1AI score0.09348EPSS

Exploits2References228

FreeBSD•added 2025/11/11 12:0 a.m.•6 views

firefox -- Use-after-free

https://bugzilla.mozilla.org/showbug.cgi?id=1995686 reports: Use-after-free in the WebRTC: Audio/Video component. Same-origin policy bypass in the DOM: Workers component. Mitigation bypass in the DOM: Security component. Same-origin policy bypass in the DOM: Notifications component. Incorrect...

8.8CVSS6.6AI score0.00401EPSS

Exploits0References9

RedhatCVE•added 2025/10/28 8:51 p.m.•3 views

CVE-2025-62711

A Denial of Service vulnerability has been identified in the Wasmtime WebAssembly runtime, affecting versions 38.0.0 through 38.0.2. An attacker can exploit this flaw by providing a carefully crafted WebAssembly component and invoking it in a specific manner. This malicious action causes the host...

3.7CVSS6.8AI score0.00405EPSS

Exploits0References6

Tenable Nessus•added 2025/10/28 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-62711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in...

3.1CVSS5.2AI score0.00405EPSS

Exploits0References2

CNNVD•added 2025/10/24 12:0 a.m.•4 views

wasmtime 安全漏洞

wasmtime is a lightweight WebAssembly runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in wasmtime version 38.0.0 through versions prior to 38.0.3, which stems from a flaw in the host-to-wasm springboard implementation associated with the component model, which could...

3.1CVSS6.3AI score0.00405EPSS

Exploits0References3