Lucene search
K

20 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If the Content Security Policy blocks frame navigation, the full destination of a redirect served within the frame is reported in the violation report; instead of just the original frame URI. This could be used to disclose sensitive information contained in such URIs. This vulnerability affects...

4.3CVSS6.4AI score0.01212EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/07 12:43 p.m.4 views

CVE-2026-5734

Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was...

9.8CVSS5.9AI score0.00329EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/24 3:30 p.m.6 views

EUVD-2026-14853

Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox 149 and Firefox ESR 140.9...

7.5CVSS5.8AI score0.00433EPSS
Exploits0References4
NVD
NVD
added 2026/02/24 2:16 p.m.8 views

CVE-2026-2783

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

7.5CVSS0.00285EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/24 1:33 p.m.2 views

CVE-2026-2781

Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35...

9.8CVSS5.8AI score0.0036EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/24 1:33 p.m.21 views

CVE-2026-2777 Privilege escalation in the Messaging System component

Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/02/05 10:39 a.m.3 views

firefox: Spoofing issue in the Downloads Panel component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Downloads Panel component...

7.5CVSS5.7AI score0.00352EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/27 5:16 p.m.6 views

firefox: thunderbird: Sandbox escape due to integer overflow in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to integer overflow in the Graphics component...

8.8CVSS5.8AI score0.0057EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/01/05 1:37 a.m.16 views

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

7.3CVSS5.7AI score0.00297EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2025/12/01 2:53 a.m.7 views

firefox: thunderbird: Mitigation bypass in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Core & HTML component...

6.1CVSS5.7AI score0.00198EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/01 2:17 a.m.7 views

firefox: thunderbird: Race condition in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Race condition in the Graphics component...

7.5CVSS5.7AI score0.00229EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/09/03 9:34 p.m.6 views

If an attacker could find a way to trigger a particular code path in `SafeRefPtr`, it could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

...

8.1CVSS9.2AI score0.00971EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/08/20 11:33 p.m.5 views

SUSE CVE-2025-9183

Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2...

4.3CVSS6.6AI score0.00231EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/03/06 11:54 a.m.7 views

firefox: Clickjacking the registerProtocolHandler info-bar Reporter

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A web page could trick a user into setting that site as the default handler for a custom URL protocol...

4.3CVSS6.5AI score0.00316EPSS
Exploits0References7
OSV
OSV
added 2023/12/19 2:15 p.m.2 views

DEBIAN-CVE-2023-6859

A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox 121...

8.8CVSS8AI score0.01092EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/17 2:5 a.m.6 views

SUSE CVE-2023-25729

Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already...

8.8CVSS6.3AI score0.00681EPSS
Exploits0References8
OSV
OSV
added 2021/12/08 10:15 p.m.2 views

DEBIAN-CVE-2021-38504

When interacting with an HTML input element's file picker dialog with webkitdirectory set, a use-after-free could have resulted, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

8.8CVSS8.7AI score0.01586EPSS
Exploits0References1
OSV
OSV
added 2019/09/04 12:0 a.m.5 views

UBUNTU-CVE-2019-11746

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 69, Thunderbird 68.1, Thunderbird 60.9, Firefox ESR 60.9, and Firefox ESR 68.1...

8.8CVSS7.3AI score0.01713EPSS
Exploits0References6
OSV
OSV
added 2018/06/11 9:29 p.m.3 views

DEBIAN-CVE-2016-9895

Event handlers on "marquee" elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...

6.1CVSS7.4AI score0.01839EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2018/05/14 2:48 p.m.6 views

Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files

Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR 52.8 an...

7.5CVSS7.2AI score0.01636EPSS
Exploits0References5
Rows per page
Query Builder