Cross-site Scripting (XSS)

Overview org.webjars.npm:bootstrap is a WebJar for bootstrap. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tooltip and Popover components due to improper neutralization of input during web page generation. An attacker can manipulate the output of web pages ...

CVE-2025-1647 XSS in Bootstrap title attribute for Tooltip and Popover

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Bootstrap allows Cross-Site Scripting XSS.This issue affects Bootstrap: from 3.4.1 before 4.0.0...

CVE-2025-1647

CVE-2025-1647 is an XSS vulnerability in Bootstrap affecting 3.4.1 up to 4.0.0, due to improper input neutralization in the Popover and Tooltip components. Several sources confirm affected versions and public advisories (Debian DLA-4204-1, GHSA advisory, Debian security tracker, and CVE records)....

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update ...

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

PT-2025-21471 · WordPress · Genesis Blocks

Name of the Vulnerable Software and Affected Versions: Genesis Blocks WordPress plugin versions 3.1.3 and earlier Description: The issue arises from the plugin's failure to properly escape attributes provided to some of its custom blocks. This oversight allows users with post-writing permissions,...

RHEL 8 : thunderbird (RHSA-2025:7689)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7689 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...

RHEL 9 : thunderbird (RHSA-2025:7694)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7694 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...

RHEL 8 : thunderbird (RHSA-2025:7690)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7690 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Privilege escalation in Firefox Updater...

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

kernel: x86/mm/pat: fix VM_PAT handling in COW mappings

CVE-2024-35877 pertains to a flaw in the Linux kernel's handling of Page Attribute Table PAT settings during Copy-On-Write COW operations. When a write operation triggers a COW event, the kernel may replace the original page table entries PTEs with anonymous folios. This replacement disrupts the...

RHEL 8 : firefox (RHSA-2025:7543)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7543 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

RHEL 8 : firefox (RHSA-2025:7547)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7547 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...