Lucene search
K

59103 matches found

Malwarebytes
Malwarebytes
added 2025/12/11 11:58 a.m.9 views

[Updated] Another Chrome zero-day under attack: update now

Google issued an extra patch for a security vulnerability in Chrome that is being actively exploited, and it's urging users to update. The patch fixes three flaws in Chrome, and for one of them Google says an exploit already exists in the wild. Chrome is by far the world’s most popular browser,...

9.8CVSS7.9AI score0.22359EPSS
Exploits22
OSV
OSV
added 2025/12/11 9:9 a.m.9 views

RLSA-2025:23035 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

7.5CVSS7.2AI score0.00498EPSS
Exploits2References11
RedhatCVE
RedhatCVE
added 2025/12/11 5:16 a.m.8 views

CVE-2025-59788

A flaw was found in Nextcloud's PDF Portable Document Format viewer. This vulnerability allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted PDF file to viewer.html in the filespdfviewer example directory...

6.4CVSS6.9AI score0.00246EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/11 5:3 a.m.7 views

CVE-2025-65229

A stored cross-site scripting XSS vulnerability exists in the web interface of Lyrion Music Server = 9.0.3. An authenticated user with access to Settings Player can save arbitrary HTML/JavaScript in the Player name field. That value is stored by the server and later rendered without proper output...

4.6CVSS5.8AI score0.00141EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/11 12:58 a.m.12 views

CVE-2025-66563

Monkeytype is a minimalistic and customizable typing test. In 25.49.0 and earlier, there is improper handling of user input which allows an attacker to execute malicious javascript on anyone viewing a malicious quote submission. quote.text and quote.source are user input, and they're inserted...

7.1CVSS6.9AI score0.00196EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/12/11 12:46 a.m.2 views

SUSE CVE-2025-14324

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

8.8CVSS7.2AI score0.00481EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2025/12/11 12:46 a.m.3 views

SUSE CVE-2025-14325

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

8.8CVSS7.1AI score0.00292EPSS
Exploits1References15
SUSE CVE
SUSE CVE
added 2025/12/11 12:46 a.m.2 views

SUSE CVE-2025-14330

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.1CVSS7.2AI score0.00422EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.13 views

CVE-2025-65296

NULL-pointer dereference vulnerabilities in Aqara Hub M2 4.3.60027, Hub M3 4.3.60025, and Camera Hub G3 4.1.90027 in the JSON processing enable denial-of-service attacks through malformed JSON inputs...

6.5CVSS7AI score0.00251EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor versions prior to 13.2 and 2025 2025.2, which originates from JavaScript modifying the content of annotations and clearing the modification status, potentially bypassing...

6.5CVSS7.4AI score0.0017EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.5 views

PT-2025-50615

Name of the Vulnerable Software and Affected Versions Foxit PDF and Editor versions prior to 13.2 Foxit PDF and Editor 2025 versions prior to 2025.2 Description An issue exists in Foxit PDF and Editor that may lead to information disclosure or memory corruption. This can occur when opening a...

3.3CVSS7.3AI score0.00147EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.3 views

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

6.3AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.25 views

CVE-2025-55307

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query with a crafted cDIPath parameter e.g., "/" may cause an out-of-bounds read in internal path-parsing logic, potentially leadi...

0.00147EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.4 views

PT-2025-50745

Name of the Vulnerable Software and Affected Versions Flatboard version 3.2 Description An authenticated administrator can inject malicious scripts in forum information fields, leading to a stored cross-site scripting issue. Attackers can insert JavaScript payloads that execute when other users...

5.3CVSS5.8AI score0.00315EPSS
Exploits0References6
CVE
CVE
added 2025/12/11 12:0 a.m.25 views

CVE-2025-55311

Foxit PDF Editor CVE-2025-55311 affects Foxit PDF and Editor on Windows/macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and clear the file’s modification status, bypassing digital signature verification and undermining trust in signed PDFs. R...

6.5CVSS7.4AI score0.0017EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.1 views

CVE-2025-55314

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

7.1AI score0.00169EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.1 views

CVE-2025-55307

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. Opening a malicious PDF containing a crafted JavaScript call to search.query with a crafted cDIPath parameter e.g., "/" may cause an out-of-bounds read in internal path-parsing logic, potentially leadi...

6AI score0.00147EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.3 views

Microweber 跨站脚本漏洞

Microweber is Microweber open source online store management system that provides drag and drop functionality. The system includes modules for adding products, images and more. A cross-site scripting vulnerability exists in Microweber version 2.0.15, which stems from the presence of stored...

5.4CVSS6.1AI score0.00214EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.1 views

CVE-2025-55311

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification b...

6.4AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.26 views

CVE-2025-55314

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

0.00169EPSS
Exploits0References1
Rows per page
Query Builder