CVE-2025-4089 Potential local code execution in "copy as cURL" command

Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

CVE-2025-4089 Potential local code execution in "copy as cURL" command

Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

CVE-2025-4089

CVE-2025-4089 is a vulnerability in Mozilla Firefox and Thunderbird related to insufficient escaping in the copy as cURL feature. The impact is local code execution on the user’s system if an attacker lures the user to run a crafted command. Affected software is Firefox and Thunderbird before 138...

CVE-2025-4089

Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 138 and Thunderbird 138...

CVE-2025-4084 Potential local code execution in "copy as cURL" command

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Thi...

CVE-2025-4084

CVE-2025-4084 concerns Firefox products. The issue arises from insufficient escaping of special characters in the copy as cURL feature, which could mislead users into running a crafted command and potentially enable local code execution on Windows. Affected software includes Firefox for Windows, ...

CVE-2025-4084 Potential local code execution in "copy as cURL" command

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Thi...

CVE-2025-4084

Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Thi...

PT-2025-18153 · Mozilla +2 · Firefox Esr +3

Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 128.10 Firefox ESR versions prior to 115.23 Thunderbird ESR versions prior to 128.10 Description: The issue arises from insufficient escaping of special characters in the "copy as cURL" feature. This could allow ...

PT-2025-18158

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 138 Thunderbird versions prior to 138 Description The issue arises from insufficient escaping of special characters in the "copy as cURL" feature. This could allow an attacker to trick a user into executing a command,...

Mozilla -- insufficient character escaping

[email protected] reports: Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system...

SUSE CVE-2025-29482

Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO Sample Adaptive Offset processing of libde265...

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21437)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21436)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21434)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21433)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21432)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Rockwell Automation Arena Local Code Execution Vulnerability

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Unspecified Vulnerability in Rockwell Automation Arena (CNVD-2025-21431)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21429)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...