Lucene search
K

18 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.3 views

vulnerability of the Widget component: Mozilla Firefox, Firefox ESR, and Thunderbird email client’s Cocoa browser engine, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the Widget component: Mozilla Firefox, Firefox ESR, and the email client Thunderbird have vulnerabilities related to information processing errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00385EPSS
Exploits0References14Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.2 views

vulnerability of the Widget component: Mozilla Firefox, Firefox ESR, and Thunderbird email client’s Cocoa browser engine, allowing attackers to execute arbitrary code.

The vulnerability of the Widget component: The Cocoa browser components of Mozilla Firefox, Firefox ESR, and the email client Thunderbird rely on the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00398EPSS
Exploits0References14Affected Software5
RedHat Linux
RedHat Linux
added 2026/06/17 10:31 a.m.7 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

9.6CVSS5.2AI score0.00417EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 8:14 a.m.5 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

9.6CVSS5.2AI score0.00417EPSS
Exploits0References6
OSV
OSV
added 2026/06/16 1:16 p.m.5 views

UBUNTU-CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.8AI score0.00165EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/16 11:52 a.m.6 views

CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.3AI score0.00165EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/16 11:52 a.m.11 views

EUVD-2026-37068

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.2AI score0.00165EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/16 11:52 a.m.8 views

CVE-2026-12322 Clickjacking issue in the Widget: Gtk component

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.2AI score0.00165EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/03 1:1 a.m.15 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

9.6CVSS5.7AI score0.00417EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/27 4:24 p.m.15 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component...

9.6CVSS5.7AI score0.00417EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2026/05/21 1:34 p.m.5 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issue Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-48 bsc1265212 CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8391: Other issue in the JavaScript Engine component...

8.8CVSS5.9AI score0.00605EPSS
Exploits0References42
NVD
NVD
added 2026/05/19 2:16 p.m.23 views

CVE-2026-8949

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS0.00583EPSS
Exploits0References5
OSV
OSV
added 2026/05/19 2:16 p.m.12 views

UBUNTU-CVE-2026-8949

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS5.9AI score0.00583EPSS
Exploits0References10
OSV
OSV
added 2026/05/19 2:16 p.m.8 views

UBUNTU-CVE-2026-8959

Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

9.6CVSS5.8AI score0.00417EPSS
Exploits0References10
EUVD
EUVD
added 2026/05/19 12:29 p.m.11 views

EUVD-2026-30899

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS5.9AI score0.00583EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/22 1:14 a.m.6 views

CVE-2026-6759

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Widget: Cocoa component...

7.5CVSS5.7AI score0.00363EPSS
Exploits0References5
OSV
OSV
added 2025/10/27 7:32 a.m.6 views

CVE-2025-12245 chatwoot Widget IFrameHelper.js initPostMessageCommunication origin validation

A vulnerability was identified in chatwoot up to 4.7.0. This vulnerability affects the function initPostMessageCommunication of the file app/javascript/sdk/IFrameHelper.js of the component Widget. The manipulation of the argument baseUrl leads to origin validation error. Remote exploitation of th...

6.9CVSS5.9AI score0.00293EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.10 views

PT-2025-43902

Name of the Vulnerable Software and Affected Versions chatwoot versions prior to 4.7.0 Description A flaw exists in chatwoot that allows for origin validation errors. This issue is located within the initPostMessageCommunication function of the app/javascript/sdk/IFrameHelper.js file, part of the...

6.9CVSS6.4AI score0.00293EPSS
Exploits1References8
Rows per page
Query Builder