Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 2025/10/28 2:6 p.m.2 views

CVE-2025-12380 Use-after-free in WebGPU internals triggered from a compromised child process

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...

0.0006EPSS
Exploits0References2
Mozilla
Mozillaadded 2025/10/28 12:0 a.m.7 views

Security Vulnerabilities fixed in Firefox 144.0.2 — Mozilla

Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox...

9.8CVSS6.9AI score0.0006EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/03/27 1:27 p.m.20 views

CVE-2025-2857 Incorrect handle could lead to sandbox escapes

Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. The original vulnerability was...

7.3AI score0.00203EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2023/06/21 9:44 a.m.31 views

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

8CVSS6.9AI score0.00422EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2023/06/19 11:15 a.m.29 views

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

10CVSS7.7AI score0.00422EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2023/06/19 10:45 a.m.24 views

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

10CVSS8.6AI score0.00422EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2023/06/19 10:45 a.m.11 views

CVE-2019-25136

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox 70...

9.1AI score0.00422EPSS
Exploits0References2
Cvelist
Cvelistadded 2020/04/15 7:0 p.m.22 views

CVE-2019-12522

An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leavesuid call. leavesuid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child proces...

5AI score0.0018EPSS
Exploits0References2
Mozilla
Mozillaadded 2019/06/20 12:0 a.m.64 views

Security vulnerabilities fixed in Thunderbird 60.7.2 — Mozilla

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw. Insufficient vetting of parameters passed with the Prompt:Open IPC message between chi...

10CVSS1.4AI score0.84291EPSS
Exploits14References2Affected Software1
Rows per page
Query Builder