5 matches found
ROS-20260129-73-0053
A vulnerability in the Notification interface of Mozilla Firefox, Firefox ESR and Thunderbird email client is related to an operation exceeding buffer boundaries in memory when processing DOM objects. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his...
CVE-2026-20800
Gitea's notification API does not re-validate repository access permissions when returning notification details. After a user's access to a private repository is revoked, they may still view issue and pull request titles through previously received notifications...
The vulnerability of the SeaMonkey software package, which allows a malicious attacker to execute arbitrary code.
The SeaMonkey software contains a vulnerability in the nsJSThunk::EvaluateScript function. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by manipulating the web notification API component...
The vulnerability of the SeaMonkey software package allows a malicious attacker to execute arbitrary code or cause a service failure.
The SeaMonkey software contains a vulnerability in the qcmsprofilefrommemory function. Exploiting this vulnerability allows an unauthorized attacker to execute arbitrary code or cause a service failure by manipulating the web notification API component, thereby creating a special ICC profile...
The vulnerability of the Thunderbird email client, which allows a remote attacker to execute arbitrary code or trigger a service denial-of-service attack.
Mozilla Thunderbird’s software contains a vulnerability in the qcmsprofilefrommemory function. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause a service failure by manipulating the web notification API component, thereby creating a special ICC profile...