CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1043 matches found

SUSE CVE•added 2026/05/20 3:2 a.m.•9 views

SUSE CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...

4.8CVSS7AI score0.00134EPSS

Exploits0References12

SUSE CVE•added 2026/05/20 2:32 a.m.•9 views

SUSE CVE-2026-8947

Use-after-free in the DOM: Bindings WebIDL component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.8CVSS5.8AI score0.00065EPSS

Exploits0References10

NVD•added 2026/05/19 2:16 p.m.•11 views

CVE-2026-8975

Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox...

8.8CVSS0.00046EPSS

Exploits0References6

UbuntuCve•added 2026/05/19 2:16 p.m.•9 views

CVE-2026-8958

Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

8.6CVSS5.8AI score0.00058EPSS

Exploits0References9

ATTACKERKB•added 2026/05/19 12:30 p.m.•8 views

CVE-2026-8975

8.8CVSS6AI score0.00046EPSS

Exploits0References7

CNNVD•added 2026/05/19 12:0 a.m.•7 views

Mozilla Firefox多款产品安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

8.8CVSS5.8AI score0.00044EPSS

Exploits0References1

Tenable Nessus•added 2026/05/19 12:0 a.m.•10 views

Mozilla Firefox < 151.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 151.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-46 advisory. - Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs...

9.8CVSS6.1AI score0.00164EPSS

Exploits0References32

SUSE CVE•added 2026/05/08 2:25 a.m.•10 views

SUSE CVE-2026-8092

Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox...

7.5CVSS6AI score0.00024EPSS

Exploits0References5

CVE•added 2026/05/07 12:45 p.m.•69 views

CVE-2026-8092

CVE-2026-8092 refers to memory safety bugs in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1 (and related Firefox components) with evidence of memory corruption and a potential for arbitrary code execution. The vulnerability was addressed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 11...

8.1CVSS6AI score0.00024EPSS

Exploits0References6Affected Software2

ATTACKERKB•added 2026/05/07 12:45 p.m.•11 views

CVE-2026-8092

8.1CVSS6AI score0.00024EPSS

Exploits0References7

RedHat Linux•added 2026/05/06 7:20 p.m.•12 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of...

9.8CVSS5.9AI score0.00071EPSS

Exploits0References6

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в firefox, thunderbird

Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks were executed for those events. Web content that attempted to use those interfaces would not be able to do so with elevated privileges. However, the presence of these interfaces indicated...

8.8CVSS7.2AI score0.00267EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в firefox, thunderbird

The Enhanced Tracking Protection’s Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XSS attacks through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames disguised as legitimate content. This...

6.1CVSS6.9AI score0.00153EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в firefox, thunderbird

A double-free issue could occur in secpkcs7decoderstartdecrypt, when handling an error path. Under certain conditions, the same symmetric key might be freed twice, potentially leading to memory corruption. This vulnerability affects Firefox 133, Thunderbird 133, Firefox ESR 128.7, and Thunderbird...

9.8CVSS5.8AI score0.00271EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views