Lucene search
K

56 matches found

CVE
CVE
added 2026/06/30 10:37 p.m.14 views

CVE-2026-13841

CVE-2026-13841 affects Google Chrome components using Skia . The issue is an integer overflow in Skia that, on Chrome builds prior to 150.0.7871.47 , could allow a remote attacker who already compromised the renderer process to perform a sandbox escape via a crafted HTML page . The explicit impac...

8.3CVSS5.9AI score0.00278EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/16 11:52 a.m.8 views

EUVD-2026-37098

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.3CVSS5.2AI score0.00261EPSS
Exploits0References5
CVE
CVE
added 2026/06/16 11:52 a.m.32 views

CVE-2026-12295

CVE-2026-12295 describes a sandbox escape in the DOM: Navigation component affecting Mozilla Firefox and Thunderbird. The vulnerability is fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. The entry lists a CVSS v3.1 base score of 9.6 (CRITICAL...

9.6CVSS5.2AI score0.00393EPSS
Exploits0References19Affected Software2
CVE
CVE
added 2026/06/16 11:52 a.m.53 views

CVE-2026-12289

CVE-2026-12289 describes a privilege-escalation vulnerability in the Graphics: WebRender component. The public description and connected advisories indicate this affects Mozilla Firefox and Thunderbird products, with fixes shipped in: Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbi...

8.8CVSS5.2AI score0.00395EPSS
Exploits0References19Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.9 views

PT-2026-49682

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 152 Firefox ESR versions prior to 140.12 Thunderbird versions prior to 152 Thunderbird versions prior to 140.12 Description An information disclosure and sandbox escape issue exists within the Security: Process...

9.1CVSS5.8AI score0.00476EPSS
Exploits0References185
CVE
CVE
added 2026/06/05 4:30 p.m.31 views

CVE-2026-11339

A vulnerability affects D-Link DWR-M920 firmware up to version 1.1.50 . The flaw is located in the function sub_41CF20 within the file /boafrm/formUSSDSetup ; manipulating the argument ussdValue enables command injection . It can be exploited remotely, and multiple sources note that the exploit i...

8.8CVSS6.4AI score0.03133EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/06/01 9:3 a.m.27 views

CVE-2026-40543

CVE-2026-40543 affects SOPlanning prior to v1.56, where backup functionalities lack authorization. An unauthenticated attacker can directly query backup endpoints to retrieve backup archives containing user databases (including usernames and password hashes) and the config.csv file with additiona...

8.8CVSS5.8AI score0.00273EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in RustC

In the standard library of Rust before version 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow...

7.5CVSS8AI score0.02122EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/05/19 9:56 p.m.10 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

7.5CVSS5.9AI score0.00513EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:23 p.m.13 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corrupti...

7.5CVSS5.9AI score0.00513EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:30 p.m.10 views

CVE-2026-8973

Memory safety bugs present in Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

8.8CVSS6AI score0.00335EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/19 12:29 p.m.9 views

CVE-2026-8953 Sandbox escape due to use-after-free in the Disability Access APIs component

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

5.8AI score0.00532EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/05/19 12:29 p.m.9 views

CVE-2026-8946

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

7.5CVSS5.8AI score0.0056EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/12 12:36 p.m.8 views

CVE-2026-8388 Incorrect boundary conditions in the JavaScript Engine: JIT component

Incorrect boundary conditions in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

5.8AI score0.00244EPSS
Exploits0References5
OSV
OSV
added 2026/04/25 5:50 a.m.5 views

OESA-2026-2107 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

9.8CVSS6.6AI score0.04938EPSS
Exploits1References26
EUVD
EUVD
added 2026/04/21 3:32 p.m.6 views

EUVD-2026-24103

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, and Firefox ESR 140.10...

5.8AI score0.00157EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/21 3:32 p.m.9 views

EUVD-2026-24098

Invalid pointer in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10...

5.8AI score0.00293EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/21 3:32 p.m.6 views

EUVD-2026-24088

Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10...

7.5CVSS5.8AI score0.004EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 12:41 p.m.3 views

CVE-2026-6785

Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

6AI score0.00513EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/21 12:41 p.m.4 views

CVE-2026-6781

Denial-of-service in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References4
Rows per page
Query Builder