Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.3 views

Astra Linux - уязвимость в firefox

The exception page for the HTTPS-Only feature, which appears when a website is accessed via HTTP, lacked an anti-clickjacking mechanism. This allowed attackers to trick users into granting an exception and loading a webpage via HTTP. This vulnerability has been fixed in Firefox 140 and Thunderbir...

4.3CVSS5.7AI score0.00171EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-21375

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00171EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/06/24 12:28 p.m.8 views

CVE-2025-6434 HTTPS-Only exception screen lacked anti-clickjacking delay

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

0.00171EPSS
Exploits0References3
CVE
CVEadded 2025/06/24 12:28 p.m.61 views

CVE-2025-6434

CVE-2025-6434 corresponds to the HTTPS-Only exception page lacking an anti-clickjacking delay, enabling potential user trickery to grant an exception and load an HTTP page. Public sources in the provided documents indicate affected products are Mozilla Firefox and Mozilla Thunderbird, specificall...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2025/06/24 12:28 p.m.9 views

CVE-2025-6434

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

4.3CVSS4.9AI score0.00171EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2025/06/24 12:28 p.m.2 views

CVE-2025-6434 HTTPS-Only exception screen lacked anti-clickjacking delay

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

5.8AI score0.00171EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/06/24 12:0 a.m.2 views

PT-2025-26731

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 140 Description: The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an...

9.8CVSS7.8AI score0.19171EPSS
Exploits2References159
Wordfence Blog
Wordfence Blogadded 2021/07/02 7:13 p.m.13 views

Episode 124: PrintNightmare 0Day Exploit Accidentally Leaked Online

Security researchers accidentally leaked zero-day exploit code for a new Windows bug, now called PrintNightmare, while easily exploitable vulnerabilities in the ProfilePress plugin, previously called WP User Avatar, were patched quickly. An unprotected cloud database containing over 814 million...

7.9AI score
Exploits0
Rows per page
Query Builder