thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

aEnrich a+HRD 跨站脚本漏洞

aEnrich a+HRD is a full-service human resources development solution from Acer China aEnrich. A cross-site scripting vulnerability exists in aEnrich a+HRD, which originates from stored cross-site scripting and could allow a remote attacker with administrator privileges to inject persistent...

aEnrich a+HRD和aEnrich a+HCM 跨站脚本漏洞

aEnrich a+HRD and aEnrich a+HCM are both products of Acer China aEnrich. aEnrich a+HRD is a total human resource development solution. aEnrich a+HCM is a human capital management system. A cross-site scripting vulnerability exists in aEnrich a+HRD and aEnrich a+HCM. The vulnerability stems from...

PT-2025-46571

Name of the Vulnerable Software and Affected Versions a+HRD affected versions not specified Description The software contains a Stored Cross-Site Scripting issue. This allows remote attackers with administrator privileges to inject persistent JavaScript code. This code is executed in users'...

ROS-20251112-07

Vulnerability in Google Chrome browser's JavaScript script handler V8 is related to information disclosure through inconsistency. Exploitation of the vulnerability could allow an attacker, acting remotely, gain unauthorized access to protected information A vulnerability in the WebRTC component o...

Linux Distros Unpatched Vulnerability : CVE-2025-13024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. CVE-2025-13024 Note that Nessus...

KLA90262 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in...

VulnCheck KEV: CVE-2025-13223

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Malicious code in gita-lapis83-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector daeef7454f903df0568af48985fdf0450d5b031b607d8d07e2cfb50bbd78354d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in erwin-kembang9-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58698e0f46c75270506b936d8be9b398e7fbf2c58efe269a6660e09b1408b8f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-134631 Malicious code in joko-lepet72-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dab1c24630f66a10eb15b0b052d39b14e13df9b045b6788ef66e4d6fe6d3b240 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-62780

changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...

Malicious code in equal_roadrunner_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad9e43de418f9273f8be1908158ec4dcc1939e22569ebfbb682184828304fec6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-104160

Malicious code in lina-semur45-riris npm...

EUVD-2025-103991

Malicious code in lutfi-tomat15-riris npm...