Lucene search
K

7 matches found

UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2025-14333

Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.1CVSS7.4AI score0.00376EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2025-14324

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

9.8CVSS7.3AI score0.00481EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/11/04 2:15 a.m.1 views

CVE-2025-43419

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to memory corruption...

8.8CVSS7.3AI score0.00328EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/11/04 2:15 a.m.3 views

CVE-2025-43440

This issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS6.8AI score0.00442EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/14 1:15 p.m.4 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS5.8AI score0.00244EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/08/19 9:15 p.m.2 views

CVE-2025-9180

Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

8.1CVSS7.2AI score0.00231EPSS
Exploits0References13
OSV
OSV
added 2024/05/02 3:30 p.m.22 views

GHSA-V63G-V339-2673 Jenkins Script Security Plugin has sandbox bypass vulnerability involving crafted constructor bodies

Jenkins Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call ...

8.8CVSS9.8AI score0.48081EPSS
Exploits0References5
Rows per page
Query Builder