Lucene search
K

29772 matches found

OSV
OSV
added 2026/01/16 12:9 p.m.2 views

OPENSUSE-SU-2026:20046-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.6.0 ESR MFSA 2025-96 bsc1254551 CVE-2025-14321 bmo1992760 Use-after-free in the WebRTC: Signaling component CVE-2025-14322 bmo1996473 Sandbox escape due to incorrect boundary...

9.8CVSS5.8AI score0.00498EPSS
Exploits2References11
OSV
OSV
added 2026/01/16 11:59 a.m.5 views

OESA-2026-1090 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

9.8CVSS7.5AI score0.0057EPSS
Exploits2References24
OSV
OSV
added 2026/01/16 11:58 a.m.5 views

OESA-2026-1088 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

9.8CVSS7.5AI score0.0057EPSS
Exploits2References24
OSV
OSV
added 2026/01/16 11:58 a.m.6 views

OESA-2026-1086 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

9.8CVSS7.5AI score0.0057EPSS
Exploits2References24
Rockylinux
Rockylinux
added 2026/01/16 9:6 a.m.9 views

firefox security update

An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

9.8CVSS7.3AI score0.0057EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/16 12:24 a.m.9 views

CVE-2025-67079

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via crafted PDF file to the file upload and thumbnail functions...

9.8CVSS7.5AI score0.00381EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : thunderbird-45.3.0-1.AXS4 (AXSA:2016-652:06)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-652:06 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security issues fixed with this release: CVE-2016-2836 Multiple unspecified vulnerabilities in...

8.8CVSS8.8AI score0.0289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Cisco IOS XE Software Unified Threat Defense Snort Intrusion Prevention System Engine Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)

According to its self-reported version, Cisco IOS-XE Software is affected by the following vulnerabilities: - A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restar...

5.8CVSS6.1AI score0.00634EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Cisco Firepower Threat Defense (FTD) Software Multiple Vulnerabilities (cisco-sa-snort3-dcerpc-vulns-J9HNF4tH)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by the following vulnerabilities: - A vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak...

5.8CVSS6.1AI score0.00634EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Microsoft Edge (Chromium) < 144.0.3719.82 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 144.0.3719.82. It is, therefore, affected by multiple vulnerabilities as referenced in the January 16, 2026 advisory. - Use after free in ANGLE. CVE-2026-0908 - Microsoft Edge Elevation Service exposes a privileged COM...

9.8CVSS7.2AI score0.00382EPSS
Exploits0References23
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

RockyLinux 8 : firefox (RLSA-2026:0667)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0667 advisory. firefox: Spoofing issue in the Downloads Panel component CVE-2025-14327 firefox: Use-after-free in the JavaScript: GC component CVE-2026-0885 firefox:...

9.8CVSS5.7AI score0.0057EPSS
Exploits0References27
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from an improper implementation in V8, which can be exploited by an attacker to bypass security restrictions...

8.8CVSS7.3AI score0.00323EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.4 views

Google Chrome security vulnerabilities

Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from improper implementations in the V8 engine...

8.8CVSS7.3AI score0.00258EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 3 : firefox-24.5.0-1.0.2.AXS3 (AXSA:2014-356:03)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-356:03 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

9.8CVSS8.4AI score0.07543EPSS
Exploits5References8
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

Google Chrome security vulnerabilities

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability, which stems from out-of-bound memory access in the V8 engine...

8.8CVSS7.3AI score0.00382EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 7 : java-11-openjdk-11.0.1.13-3.el7 (AXSA:2019-3622:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3622:01 advisory. OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 OpenJDK: Unrestricted access to scripting engine Scripting, 8202936 CVE-2018-31...

9CVSS6.5AI score0.07215EPSS
Exploits2References8
OSV
OSV
added 2026/01/15 11:15 p.m.4 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

5.4CVSS5.9AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 11:15 p.m.13 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/15 11:0 p.m.3 views

CVE-2026-1010 Stored Cross-Site Scripting in Altium Enterprise Server Workflow Engine Allows Privilege Escalation

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS5.4AI score0.00303EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/15 11:0 p.m.3 views

CVE-2026-1010

A stored cross-site scripting XSS vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow,...

8CVSS5.4AI score0.00303EPSS
Exploits0References2
Rows per page
Query Builder