Lucene search
K

28 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

Under unusual circumstances, an individual thread may survive the termination of its manager during shutdown. This could lead to a use-after-free condition, resulting in a potentially exploitable crash. This vulnerability affects Firefox versions earlier than 98...

6.5CVSS7AI score0.00554EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs in Firefox 97. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This...

8.8CVSS7.6AI score0.0056EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If an attacker could control the contents of an iframe that was sandboxed using allow-popups but not allow-scripts, they could create a link that, when clicked, would cause JavaScript execution, violating the sandboxing rules. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbi...

9.6CVSS6.7AI score0.00931EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 98. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to...

8.8CVSS8.2AI score0.00521EPSS
Exploits0References1
OSV
OSV
added 2026/06/07 10:42 a.m.6 views

MINI-CHMP-8GR3-CR98

Bulletin has no description...

7.5CVSS6.6AI score0.00748EPSS
Exploits1
CVE
CVE
added 2026/03/05 8:22 p.m.13 views

CVE-2026-29077

Frappe (full‑stack web application framework) is affected by CVE-2026-29077 due to a lack of validation when sharing documents, enabling a user to share a document with a permission they themselves do not possess. Affected versions are prior to 15.98.0 and 14.100.0. The issue has been patched in ...

7.1CVSS5.8AI score0.00193EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/25 11:31 a.m.0 views

MINI-8VXC-WG98-J2GP

Bulletin has no description...

7.5CVSS5.1AI score0.00559EPSS
Exploits1
NVD
NVD
added 2026/02/12 11:16 p.m.5 views

CVE-2019-25341

iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash...

7.5CVSS0.00304EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.3 views

Malicious code in rita-98 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9508b9a417471b3af8ded6f50a1f7e97c2d9ca74d1b7234a0421a7c1f8b22fed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/27 8:44 a.m.5 views

CVE-2025-60156

Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.36...

9.6CVSS5.7AI score0.00159EPSS
Exploits0References1
NVD
NVD
added 2025/09/26 9:15 a.m.5 views

CVE-2025-60156

Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.34...

9.6CVSS0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/26 8:31 a.m.9 views

CVE-2025-60156 WordPress AR For WordPress plugin <= 8.34 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through = 8.34...

9.6CVSS0.00159EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/24 12:0 a.m.4 views

WordPress plugin Smart Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

4.4CVSS4.5AI score0.00241EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 2:9 p.m.12 views

CVE-2022-49800 tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in testgensynthcmd and testemptysynthevent testgensynthcmd only free buf in fail path, hence buf will leak when there is no failure. Add kfreebuf to prevent the memleak. The same reason and solution in...

5.5CVSS6AI score0.00165EPSS
Exploits0References7
NVD
NVD
added 2025/04/22 3:16 p.m.12 views

CVE-2025-23176

CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection'...

8.8CVSS0.00384EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:38 a.m.3 views

SUSE CVE-2021-38493

Mozilla developers reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR 78.14,...

7.5CVSS9.5AI score0.01205EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:34 a.m.4 views

SUSE CVE-2022-0843

Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerabilit...

8.8CVSS9.4AI score0.0056EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.3 views

SUSE CVE-2022-26382

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...

4.3CVSS8.4AI score0.00493EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.1 views

SUSE CVE-2022-28288

Mozilla developers and community members Randell Jesup, Sebastian Hengst, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 98. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

7.5CVSS9.4AI score0.00521EPSS
Exploits0References4
OSV
OSV
added 2022/12/22 8:15 p.m.3 views

CVE-2022-26382

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel attacks on the text by using specially crafted fonts could have lead to this text being inferred by the webpage. This vulnerability affects Firefox 98...

4.3CVSS7.3AI score0.00493EPSS
Exploits1References2
Rows per page
Query Builder