Lucene search
K

59115 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.5 views

Mozilla Firefox < 146.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 146.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-92 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 146 and Firefox ESR...

9.8CVSS8.6AI score0.00498EPSS
Exploits2References14
Kaspersky
Kaspersky
added 2025/12/09 12:0 a.m.8 views

KLA90817 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in the...

9.8CVSS8.9AI score0.00498EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.2 views

Mozilla Firefox ESR < 140.6

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 140.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-94 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 146 and Firefox ESR...

9.8CVSS8.6AI score0.00498EPSS
Exploits2References11
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-14330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird...

9.8CVSS7.3AI score0.00422EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-14324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146,...

9.8CVSS7.3AI score0.00481EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.0 views

Mozilla Firefox ESR < 115.31

The version of Firefox ESR installed on the remote Windows host is prior to 115.31. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-93 advisory. - Privilege escalation in the DOM: Notifications component. This vulnerability affects Firefox 146, Firefox ESR...

9.8CVSS8.7AI score0.00481EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2025/12/09 12:0 a.m.8 views

KLA90807 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics...

9.8CVSS7.3AI score0.00481EPSS
Exploits0References3
Mozilla
Mozilla
added 2025/12/09 12:0 a.m.10 views

Security Vulnerabilities fixed in Firefox ESR 115.31 — Mozilla

CVE-2025-14322: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component Reporter Oskar L Impact high References Bug 1996473 CVE-2025-14323: Privilege escalation in the DOM: Notifications component Reporter tiebuchen Impact high References Bug 1996555...

9.8CVSS7.2AI score0.00481EPSS
Exploits0References4Affected Software1
FreeBSD
FreeBSD
added 2025/12/09 12:0 a.m.9 views

Mozilla -- JIT miscompilation

https://bugzilla.mozilla.org/showbug.cgi?id=1998050 reports: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS7AI score0.00481EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2025/12/09 12:0 a.m.5 views

Mozilla -- JIT miscompilation in the JavaScript Engine: JIT component

https://bugzilla.mozilla.org/showbug.cgi?id=1997503 reports: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS7AI score0.00422EPSS
Exploits0References1
OSV
OSV
added 2025/12/08 9:31 p.m.3 views

GO-2025-4184 Mattermost Server vulnerable to Denial of Service through `@` character prefix inserted into JavaScript field names in github.com/mattermost/mattermost-server

Mattermost Server vulnerable to Denial of Service through @ character prefix inserted into JavaScript field names in github.com/mattermost/mattermost-server...

7.5CVSS6.8AI score0.01114EPSS
Exploits0References3
Snyk
Snyk
added 2025/12/08 9:30 p.m.3 views

Cross-site Scripting (XSS)

Overview nicegui is a Create web-based user interfaces with Python. The nice way. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the ui.addcss, ui.addscss, and ui.addsass functions. An attacker can execute arbitrary JavaScript in the context of the user's browser...

6.1CVSS5.4AI score0.00224EPSS
Exploits1References2
HackRead
HackRead
added 2025/12/08 6:16 p.m.6 views

New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites

Securonix Threat Research details the complex JSSMUGGLER campaign, a three-step web attack using obfuscated JavaScript and hidden HTA files to install the NetSupport RAT on user Windows desktops, granting hackers full remote control and persistent access...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/08 3:0 p.m.6 views

CVE-2025-13630

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.6AI score0.00379EPSS
Exploits0References5
Veracode
Veracode
added 2025/12/08 11:7 a.m.7 views

Cross-site Scripting

Apache SkyWalking is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper neutralization of script-related HTML tags, allowing attackers to inject malicious JavaScript into web pages...

6.1CVSS6AI score0.00625EPSS
Exploits0References6Affected Software1
NCSC
NCSC
added 2025/12/08 8:23 a.m.8 views

Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform

Splunk has fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. The vulnerabilities include several issues, including the ability for low-privileged users to create unauthorized dashboards, access sensitive information via mobile notifications, and the injection of ANSI escape...

8.7CVSS7.3AI score0.0048EPSS
Exploits1References8
Hacker One
Hacker One
added 2025/12/08 6:22 a.m.9 views

Node.js: Uncatchable "Maximum call stack size exceeded" error on Node.js via async_hooks leads to process crashes bypassing error handlers

A vulnerability was identified in Node.js error handling where "Maximum call stack size exceeded" errors became uncatchable when asynchooks.createHook was enabled. Instead of reaching process.on'uncaughtException', the process terminated, making the crash unrecoverable...

7.5CVSS5.5AI score0.00624EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/12/08 1:37 a.m.7 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...

7.5CVSS6AI score0.0041EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/12/08 1:26 a.m.5 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...

7.5CVSS6AI score0.0041EPSS
Exploits0References5
CNVD
CNVD
added 2025/12/08 12:0 a.m.4 views

Google Chrome Competitive Conditions Vulnerability

Google Chrome is a web browser developed by Google Inc. to provide users with a fast, secure and customizable web browsing experience. Google Chrome suffers from a competitive condition vulnerability that stems from the presence of a competitive condition in v8, which can be exploited by an...

7.5CVSS6.1AI score0.00184EPSS
Exploits0References1
Rows per page
Query Builder