Lucene search
+L

9976 matches found

RedHat Linux
RedHat Linux
added 2026/07/09 9:24 a.m.7 views

firefox: thunderbird: Sandbox escape in the DOM: Navigation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...

9.6CVSS5.9AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/09 9:24 a.m.8 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS5.9AI score0.00306EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/09 12:31 a.m.10 views

EUVD-2026-42452

Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6AI score0.00202EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.6 views

TencentOS Server 4: firefox (TSSA-2026:0545)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0545 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS6AI score0.00306EPSS
Exploits0References2
CVE
CVE
added 2026/07/08 10:36 p.m.19 views

CVE-2026-15123

CVE-2026-15123 describes an inappropriate DOM implementation in Google Chrome, prior to 150.0.7871.115, that may allow remote heap corruption via a crafted HTML page. All connected documents confirm the issue in the Chrome DOM, with the impact labeled High and CVE-2026-15123 consistently cited ac...

8.8CVSS6AI score0.00202EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/07/08 10:36 p.m.7 views

CVE-2026-15123

Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00202EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/08 10:36 p.m.37 views

CVE-2026-15123

Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.9 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3795 (ALAS-2026-3795)

The version of thunderbird installed on the remote host is prior to 140.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3795 advisory. Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR...

9.6CVSS6.9AI score0.00476EPSS
Exploits0References78
Amazon
Amazon
added 2026/07/08 12:0 a.m.6 views

Important: thunderbird

Issue Overview: Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12289 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firef...

9.6CVSS6.9AI score0.00476EPSS
Exploits0
Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Important: firefox

Issue Overview: Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12289 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firef...

9.6CVSS6.9AI score0.00476EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:48 p.m.6 views

CVE-2026-55592

Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy...

3.9CVSS6AI score0.00255EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/07/07 4:2 p.m.5 views

PYSEC-2026-1481 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...

8.8CVSS6.1AI score0.00373EPSS
Exploits0References7
PyPA
PyPA
added 2026/07/07 4:2 p.m.12 views

HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

ImpactThe vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature.A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...

8.8CVSS6.1AI score0.00373EPSS
Exploits0References7Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 3:13 p.m.14 views

Malicious code in chai-chain-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1964693dd7c2bdd9ca7ae20eb441597571b1b78a689bd97648998c6442bda99 Package impersonates the pino logger exports module.exports.pino, README uses pino badge, keywords mimic pino but its actual behavior is a remote cod...

6.3AI score
Exploits0References4
OSV
OSV
added 2026/07/07 3:13 p.m.10 views

MAL-2026-6919 Malicious code in chai-chain-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1964693dd7c2bdd9ca7ae20eb441597571b1b78a689bd97648998c6442bda99 Package impersonates the pino logger exports module.exports.pino, README uses pino badge, keywords mimic pino but its actual behavior is a remote cod...

6.3AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/07 6:46 a.m.5 views

firefox: thunderbird: Sandbox escape in the DOM: Navigation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...

9.6CVSS5.9AI score0.00393EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/07 6:46 a.m.7 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS5.9AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/07 6:39 a.m.5 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

9.6CVSS6AI score0.00476EPSS
Exploits0References30
RedHat Linux
RedHat Linux
added 2026/07/07 6:39 a.m.4 views

firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...

7.5CVSS5.9AI score0.00306EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/07 6:39 a.m.6 views

firefox: thunderbird: Sandbox escape in the DOM: Navigation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...

9.6CVSS5.9AI score0.00393EPSS
Exploits0References6
Rows per page
Query Builder