9976 matches found
firefox: thunderbird: Sandbox escape in the DOM: Navigation component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
EUVD-2026-42452
Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
TencentOS Server 4: firefox (TSSA-2026:0545)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0545 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2026-15123
CVE-2026-15123 describes an inappropriate DOM implementation in Google Chrome, prior to 150.0.7871.115, that may allow remote heap corruption via a crafted HTML page. All connected documents confirm the issue in the Chrome DOM, with the impact labeled High and CVE-2026-15123 consistently cited ac...
CVE-2026-15123
Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15123
Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3795 (ALAS-2026-3795)
The version of thunderbird installed on the remote host is prior to 140.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3795 advisory. Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR...
Important: thunderbird
Issue Overview: Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12289 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firef...
Important: firefox
Issue Overview: Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12289 Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firef...
CVE-2026-55592
Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy...
PYSEC-2026-1481 HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
ImpactThe vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature.A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...
Malicious code in chai-chain-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1964693dd7c2bdd9ca7ae20eb441597571b1b78a689bd97648998c6442bda99 Package impersonates the pino logger exports module.exports.pino, README uses pino badge, keywords mimic pino but its actual behavior is a remote cod...
MAL-2026-6919 Malicious code in chai-chain-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1964693dd7c2bdd9ca7ae20eb441597571b1b78a689bd97648998c6442bda99 Package impersonates the pino logger exports module.exports.pino, README uses pino badge, keywords mimic pino but its actual behavior is a remote cod...
firefox: thunderbird: Sandbox escape in the DOM: Navigation component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the DOM: Core & HTML component...
firefox: thunderbird: Sandbox escape in the DOM: Navigation component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Navigation component...