Lucene search
K

59100 matches found

RedHat Linux
RedHat Linux
added 2025/11/10 1:48 a.m.5 views

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/10 1:45 a.m.6 views

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/10 1:18 a.m.4 views

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.6 views

PT-2025-46184

Name of the Vulnerable Software and Affected Versions Combodo iTop versions prior to 2.7.13 Combodo iTop versions prior to 3.2.2 Description Combodo iTop, a web-based IT service management tool, is susceptible to cross-site scripting when a dashboard is edited through an AJAX call. This allows fo...

8.8CVSS6.4AI score0.00194EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/10 12:0 a.m.2 views

Microsoft Edge (Chromium) < 142.0.3595.66 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 142.0.3595.66. It is, therefore, affected by multiple vulnerabilities as referenced in the November 6, 2025 advisory. - Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote...

8.8CVSS8.1AI score0.00238EPSS
Exploits0References6
OSV
OSV
added 2025/11/09 4:46 p.m.4 views

MAL-2025-49459 Malicious code in elf-stats-storybook-cookiejar-880 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41a568cb0be6c18f5ce4e4ab81bd7dfe0b1026ba19749c2fee13f5ba70a586b4 The package elf-stats-storybook-cookiejar-880 was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/08 7:41 a.m.15 views

CVE-2025-64187

OctoPrint provides a web interface for controlling consumer 3D printers. Versions 1.11.3 and below are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notifications and prompts popups generated by the printer. An attacker who successfully...

4.6CVSS6.9AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2025/11/08 12:17 a.m.11 views

OSV-2025-884 Heap-use-after-free in JS_DefineProperty

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=458199402 Crash type: Heap-use-after-free READ 8 Crash state: JSDefineProperty buildbacktrace JSCallInternal...

6.9AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2025/11/08 12:0 a.m.3 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0423-1 Rating: important References: 1253089 Cross-References: CVE-2025-12725 CVE-2025-12726 CVE-2025-12727 CVE-2025-12728 CVE-2025-12729 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes ...

8.8CVSS7.2AI score0.00238EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 1:46 p.m.6 views

CVE-2025-10853

A reflected cross-site scripting XSS vulnerability exists in the management console of multiple WSO2 products due to improper output encoding. By tampering with specific parameters, a malicious actor can inject arbitrary JavaScript into the response, leading to reflected XSS. Successful...

6.1CVSS5.8AI score0.00159EPSS
Exploits0References1
HackRead
HackRead
added 2025/11/07 12:44 p.m.24 views

Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code

Bolster AI reveals a new scam using a simple JS code via Emkei's Mailer to fake 37% profits and steal crypto. Act fast to secure your wallet...

7.3AI score
Exploits0
SUSE CVE
SUSE CVE
added 2025/11/07 12:35 a.m.1 views

SUSE CVE-2025-12727

Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.1AI score0.0023EPSS
Exploits0References3
CVE
CVE
added 2025/11/07 12:0 a.m.13 views

CVE-2025-63640

CVE-2025-63640 affects SourceCodester Medicine Reminder App v1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Medicine Name and Notes (Optional) fields when creating an Upcoming Reminder . The root cause is improper input handling/filtration that allows injection of arbitrary HT...

6.1CVSS5.9AI score0.00196EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.5 views

OctoPrint 安全漏洞

OctoPrint is an open source application from OctoPrint. It provides a fast web interface for controlling consumer 3D printers. A security vulnerability exists in OctoPrint 1.11.3 and prior versions that originated from allowing arbitrary HTML and JavaScript to be injected into Action Command...

4.6CVSS6.4AI score0.00133EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/07 12:0 a.m.14 views

PT-2025-45528

Name of the Vulnerable Software and Affected Versions Open WebUI versions 0.6.224 and prior Open WebUI versions 0.6.34 and prior Open WebUI version 0.6.33 and prior Description Open WebUI, a self-hosted artificial intelligence platform, contains a code injection vulnerability within the Direct...

8CVSS8.1AI score0.07767EPSS
Exploits1References32
CVE
CVE
added 2025/11/06 10:24 p.m.67 views

CVE-2025-12036

CVE-2025-12036 is an out-of-bounds memory access in V8 within Google Chrome, prior to version 141.0.7390.122. The issue allows a remote attacker to trigger memory access errors via a crafted HTML page. The vulnerability is rated High (CVSS 3.1: 8.8) with Network attack vector, no privileges requi...

8.8CVSS5.9AI score0.03544EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/11/06 10:24 p.m.5 views

CVE-2025-12036

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS8AI score0.03544EPSS
Exploits0
OSV
OSV
added 2025/11/06 10:15 p.m.2 views

CVE-2025-11219

Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...

3.1CVSS5.8AI score
Exploits0References2
CVE
CVE
added 2025/11/06 10:8 p.m.19 views

CVE-2025-11219

CVE-2025-11219 affects Google Chrome/Chromium: a use-after-free in V8 prior to 141.0.7390.54 allows potential out-of-bounds memory access via a crafted HTML page. The Chrome 141.0.7390.54 update (and related Debian/ Alpine security advisories) fixes this issue. The CVSS v3.1 base score is 3.1 (Lo...

3.1CVSS6.3AI score0.00231EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/11/06 10:8 p.m.6 views

CVE-2025-11219

Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...

3.1CVSS6.2AI score0.00231EPSS
Exploits0
Rows per page
Query Builder