CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AlmaLinux•added 2025/12/10 12:0 a.m.•2 views

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-free in the WebRTC:...

9.8CVSS7.6AI score0.00498EPSS

Exploits2References22

Packet Storm•added 2025/12/10 12:0 a.m.•122 views

📄 Chromodo Browser 45.8.12.391 Same Origin Policy Weakness

This proof of concept demonstrates message passing between two browser windows when opened under the same logical context same origin. It affect Chromodo Browser version 45.8.12.391...

7AI score

Exploits0

Tenable Nessus•added 2025/12/10 12:0 a.m.•3 views

RHEL 10 : firefox (RHSA-2025:23035)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:23035 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS8.8AI score0.00498EPSS

Exploits2References22

Tenable Nessus•added 2025/12/10 12:0 a.m.•2 views

RHEL 9 : firefox (RHSA-2025:23034)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23034 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS8.8AI score0.00498EPSS

Exploits2References22

EUVD•added 2025/12/09 6:30 p.m.•2 views

EUVD-2025-202157

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox 146, Firefox ESR 115.31, and Firefox ESR 140.6...

6.5CVSS6AI score0.00156EPSS

OSV•added 2025/12/09 4:17 p.m.•2 views

CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.5CVSS5.8AI score

NVD•added 2025/12/09 4:17 p.m.•2 views

CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.5CVSS0.00156EPSS

OSV•added 2025/12/09 4:17 p.m.•1 views

UBUNTU-CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.5CVSS6.4AI score0.00156EPSS

Exploits0References9

Cvelist•added 2025/12/09 1:38 p.m.•16 views

CVE-2025-14331 Same-origin policy bypass in the Request Handling component

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

0.00156EPSS

AlpineLinux•added 2025/12/09 1:38 p.m.•1 views

CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.5CVSS6.6AI score0.00156EPSS

ATTACKERKB•added 2025/12/09 1:38 p.m.•2 views

CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.5CVSS6.6AI score0.00156EPSS

Exploits0References7

Vulnrichment•added 2025/12/09 1:38 p.m.•2 views

CVE-2025-14331 Same-origin policy bypass in the Request Handling component

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.6AI score0.00156EPSS

Debian CVE•added 2025/12/09 1:38 p.m.•2 views

CVE-2025-14331

Same-origin policy bypass in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

6.5CVSS6.3AI score0.00156EPSS

Exploits0

CVE•added 2025/12/09 1:38 p.m.•17 views

CVE-2025-14331

CVE-2025-14331: Same-origin policy bypass in the Request Handling component affects Firefox <146, Firefox ESR <115.31 and <140.6, Thunderbird <146 and

6.5CVSS6.6AI score0.00156EPSS

Exploits0References6Affected Software2

RedHat Linux•added 2025/12/09 7:58 a.m.•5 views

firefox: thunderbird: Same-origin policy bypass in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Notifications component...

RedHat Linux•added 2025/12/09 7:58 a.m.•7 views

firefox: thunderbird: Same-origin policy bypass in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Workers component...

RedHat Linux•added 2025/12/09 7:56 a.m.•5 views

firefox: thunderbird: Same-origin policy bypass in the DOM: Notifications component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Notifications component...

RedHat Linux•added 2025/12/09 7:56 a.m.•5 views

firefox: thunderbird: Same-origin policy bypass in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the DOM: Workers component...