59095 matches found
CVE-2025-13015
Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30...
CVE-2025-13016
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...
PT-2025-46338
A security issue exists within DataMosaix™ Private Cloud allowing for Persistent XSS. This vulnerability can result in the execution of malicious JavaScript, allowing for account takeover, credential theft, or redirection to a malicious website...
PT-2025-46356
Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 145 Mozilla Firefox ESR versions prior to 140.5 Thunderbird versions prior to 145 Thunderbird versions prior to 140.5 Mozilla Firefox ESR versions prior to 140.5.0esr-1deb11u1 Mozilla Firefox ESR versions prio...
Firefox -- Multiple vulnerabilities
https://bugzilla.mozilla.org/showbug.cgi?id=1994441 reports: Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. Incorrect boundary conditions in the Graphics: WebGPU component. JIT miscompilation in the JavaScript Engine: JIT component. Sandbox escape due to...
firefox -- Use-after-free
https://bugzilla.mozilla.org/showbug.cgi?id=1995686 reports: Use-after-free in the WebRTC: Audio/Video component. Same-origin policy bypass in the DOM: Workers component. Mitigation bypass in the DOM: Security component. Same-origin policy bypass in the DOM: Notifications component. Incorrect...
CVE-2025-62780
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
PYSEC-2025-91
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
EUVD-2025-50787
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2025-50799
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
EUVD-2025-50794
Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
EUVD-2025-50802
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
EUVD-2025-50778
Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-62780 changedetection.io vulnerable to stored XSS in Watch update via API
changedetection.io is a free open source web page change detection tool. A Stored Cross Site Scripting is present in changedetection.io Watch update API in versions prior to 0.50.34 due to insufficient security checks. Two scenarios are possible. In the first, an attacker can insert a new watch...
CVE-2025-12727
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-12727
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
AZL-70390 CVE-2025-12441 affecting package nodejs18 18.20.3-11
Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-12433
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2025-12433
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2025-12428
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...