Lucene search
K

59095 matches found

UbuntuCve
UbuntuCve
added 2025/11/11 12:0 a.m.4 views

CVE-2025-13015

Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30...

3.4CVSS5.8AI score0.00226EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/11/11 12:0 a.m.3 views

CVE-2025-13016

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

7.5CVSS7.3AI score0.0041EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46338

A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...

8.6CVSS6.8AI score0.00309EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.8 views

PT-2025-46356

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 145 Mozilla Firefox ESR versions prior to 140.5 Thunderbird versions prior to 145 Thunderbird versions prior to 140.5 Mozilla Firefox ESR versions prior to 140.5.0esr-1deb11u1 Mozilla Firefox ESR versions prio...

10CVSS8.1AI score0.09348EPSS
Exploits2References228
FreeBSD
FreeBSD
added 2025/11/11 12:0 a.m.11 views

Firefox -- Multiple vulnerabilities

https://bugzilla.mozilla.org/showbug.cgi?id=1994441 reports: Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. Incorrect boundary conditions in the Graphics: WebGPU component. JIT miscompilation in the JavaScript Engine: JIT component. Sandbox escape due to...

9.8CVSS6.6AI score0.00317EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2025/11/11 12:0 a.m.6 views

firefox -- Use-after-free

https://bugzilla.mozilla.org/showbug.cgi?id=1995686 reports: Use-after-free in the WebRTC: Audio/Video component. Same-origin policy bypass in the DOM: Workers component. Mitigation bypass in the DOM: Security component. Same-origin policy bypass in the DOM: Notifications component. Incorrect...

8.8CVSS6.6AI score0.0041EPSS
Exploits0References9
NVD
NVD
added 2025/11/10 10:15 p.m.3 views

CVE-2025-62780

changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...

5.4CVSS0.00402EPSS
Exploits1References1
OSV
OSV
added 2025/11/10 10:15 p.m.23 views

PYSEC-2025-91

changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...

5.4CVSS6AI score0.00402EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/10 9:30 p.m.4 views

EUVD-2025-50787

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.1AI score0.0023EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/10 9:30 p.m.5 views

EUVD-2025-50799

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.6AI score0.0025EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/10 9:30 p.m.4 views

EUVD-2025-50794

Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.6AI score0.00176EPSS
Exploits0References3
EUVD
EUVD
added 2025/11/10 9:30 p.m.5 views

EUVD-2025-50802

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

5.7AI score0.06806EPSS
Exploits1References3
EUVD
EUVD
added 2025/11/10 9:30 p.m.3 views

EUVD-2025-50778

Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00207EPSS
Exploits0References3
OSV
OSV
added 2025/11/10 9:18 p.m.4 views

CVE-2025-62780 changedetection.io vulnerable to stored XSS in Watch update via API

changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...

3.5CVSS5.9AI score0.00402EPSS
Exploits1References3
OSV
OSV
added 2025/11/10 8:15 p.m.3 views

CVE-2025-12727

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2025/11/10 8:15 p.m.3 views

CVE-2025-12727

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.0023EPSS
Exploits0References2
OSV
OSV
added 2025/11/10 8:15 p.m.6 views

AZL-70390 CVE-2025-12441 affecting package nodejs18 18.20.3-11

Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References1
NVD
NVD
added 2025/11/10 8:15 p.m.3 views

CVE-2025-12433

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.0025EPSS
Exploits0References2
OSV
OSV
added 2025/11/10 8:15 p.m.3 views

CVE-2025-12433

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2025/11/10 8:15 p.m.3 views

CVE-2025-12428

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder