17049 matches found
PT-2025-50358
Name of the Vulnerable Software and Affected Versions Jenkins Git client Plugin versions 6.4.0 and earlier Description The Jenkins Git client Plugin does not properly escape the path to the workspace directory when creating a temporary shell script. This allows attackers who can control the...
Mozilla Thunderbird < 140.6
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 140.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-96 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 146, Firefox ESR...
Apache HTTP Server Security Bypass Vulnerability (CNVD-2025-3083394)
Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. A security bypass vulnerability exists in Apache HTTP Server versions 2.4.0 through 2.4.65 due to incorrect neutralization of...
EUVD-2025-202164
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox 146, Firefox ESR 115.31, and Firefox ESR 140.6...
CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability affects Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
UBUNTU-CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14322 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14322
CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. Affected software: Firefox versions before 146 and ESR before 115.31 and 140.6. The issue is described across multiple advisories (ALAS2023-2025-1337, ALAS2FIREFOX-2025-049, ALSA-2025:23128...
CVE-2025-14322 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2025-14322
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Exploit for CVE-2025-9074
CVE-2025-9074: Docker Desktop Container Escape PoC !CVEhtt...
BIT-APACHE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...
CVE-2025-67487 Static Web Server is vulnerable to symbolic link Path Traversal
Static Web Server SWS is a production-ready web server suitable for static web files or assets. Versions 2.40.0 and below contain symbolic links symlinks which can be used to access files or directories outside the intended web root folder. SWS generally does not prevent symlinks from escaping th...
CVE-2025-67487
The CVE refers to Static Web Server (SWS) where versions 2.40.0 and earlier fail to properly constrain symbolic links, allowing path traversal to files/directories outside the web root via URL or directory listings. Root cause: symlinks escaping the server’s root due to inadequate checks. Impact:...
CVE-2025-67487 Static Web Server is vulnerable to symbolic link Path Traversal
Static Web Server SWS is a production-ready web server suitable for static web files or assets. Versions 2.40.0 and below contain symbolic links symlinks which can be used to access files or directories outside the intended web root folder. SWS generally does not prevent symlinks from escaping th...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 146, Firefox ESR versions prior to 115.31, and versions prior to 140.6, which stems from improper handling of boundary conditions in...
Unity Linux 20.1070e Security Update: aide (UTSA-2025-991101)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991101 advisory. AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft...