PT-2026-42220

Name of the Vulnerable Software and Affected Versions CryptPad versions prior to 2026.2.0 Description The HTML sanitizer in Diffmarked.js contains a flaw where it fails to properly filter attributes on restricted tags. While the sanitizer validates the src attribute for , , and elements, it does...

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

SUSE CVE-2025-8032

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

UBUNTU-CVE-2025-8032

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

CVE-2025-8032

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

CVE-2025-8032

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

CVE-2025-5340

creationtimestamp| type| source ---|---|--- 2025-06-03 12:14:26+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqpb7nuszad2 2025-06-03 16:04:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqpo6lch772a...

SUSE CVE-2018-5097

A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firef...

Unspecified Vulnerability in Etherpad-Lite (CNVD-2021-39572)

Etherpad-Lite is a Web-based open source document editor from the Etherpad Foundation. A security vulnerability exists in Etherpad-Lite versions prior to 1.8.3, which can be exploited by attackers to cause a denial of service...

Visma Public: Reverse Tabnabbing in printing source document images

The security researcher was able to find a Reverse Tabnabbing bug in printing source document images functionality. This bug allows to replace current web page in users browser with a phishing one, facilitating phishing attacks...

CVE-2020-12004

creationtimestamp| type| source ---|---|--- 2020-06-25 16:25:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/scada/inductiveignitionrce.rb 2024-10-31 02:05:38+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1355 2025-02-0...

Kordil EDMS Cross-Site Scripting Vulnerability

Kordil EDMS is an open source electronic document management system of the Turkish company Kordil . The system supports features such as document management and document control. A cross-site scripting vulnerability exists in the usersedit.php file, usersmanagementedit.php file, and...

DEBIAN-CVE-2018-5097

A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firef...

Mozilla: Use-after-free when source document is manipulated during XSLT (MFSA 2018-03)

A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firef...

Mozilla: Use-after-free when source document is manipulated during XSLT (MFSA 2018-03)

A use-after-free vulnerability can occur during XSL transformations when the source document for the transformation is manipulated by script content during the transformation. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firef...

MyDMS.txt

--------------------------------------------------------------------------- Multiple vulnerabilities in MyDMS --------------------------------------------------------------------------- Author: Joxean Koret Date: 2004 Location: Basque Country...