Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2025/06/25 12:0 a.m.5 views

Slackware: Security Advisory (SSA:2025-175-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.03057EPSS
Exploits1References17
NVD
NVD
added 2025/06/24 1:15 p.m.5 views

CVE-2025-6427

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

9.1CVSS0.003EPSS
Exploits0References3
CVE
CVE
added 2025/06/24 12:28 p.m.79 views

CVE-2025-6427

CVE-2025-6427 affects Firefox and Thunderbird prior to version 140. The issue is a bypass of the CSP connect-src directive via manipulation of subdocuments, which could also conceal network connections from DevTools Network tab. Affected products: Firefox < 140 and Thunderbird

9.1CVSS7.3AI score0.003EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/06/24 12:28 p.m.8 views

CVE-2025-6427 connect-src Content Security Policy restriction could be bypassed

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

0.003EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/06/24 12:28 p.m.3 views

CVE-2025-6427 connect-src Content Security Policy restriction could be bypassed

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

7.3AI score0.003EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/06/24 12:28 p.m.6 views

CVE-2025-6427

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

9.1CVSS8.4AI score0.003EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/06/24 12:0 a.m.3 views

CVE-2025-6427

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

9.1CVSS7.3AI score0.003EPSS
Exploits0References5
Rows per page
Query Builder