16 matches found
EUVD-2018-4337
Malware in sbrugna...
EUVD-2017-16731
Malware in sbrugna...
EUVD-2025-1965
Malicious code in bioql PyPI...
EUVD-2025-7438
Malicious code in bioql PyPI...
EUVD-2025-22362
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-7525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible for a web extension with minimal permissions to create a StreamFilter which could be used to read and modify the response body of requests on an...
Linux Distros Unpatched Vulnerability : CVE-2025-8027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the stack. Baseline-JIT, however, read the entire 64 bits. This...
CVE-2025-8039
The CVE-2025-8039 entry concerns a vulnerability where search terms persist in the URL bar after navigating away from a search page. Affected software and versions are Mozilla Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird
CVE-2025-8033
The CVE-2025-8033 issue is a memory-safety bug in Mozilla’s JavaScript engine where closing generators could be resumed, causing a null pointer dereference. Affected products include Firefox and Thunderbird forks across multiple release lines (Firefox < 141, ESR tracks <115.26, <128.13, ...
CVE-2025-8030
CVE-2025-8030 is publicly known and tied to an insufficent escaping in the “Copy as cURL” feature that could lead to code execution. The connected Astra Linux and Amazon/Linux advisories confirm the issue affects Firefox and Thunderbird across multiple tracks (e.g., Firefox < 141, Firefox ESR ...
CVE-2025-4918
An attacker was able to perform an out-of-bounds read or write on a JavaScript Promise object. This vulnerability affects Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2...
CVE-2025-1014
Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...
CVE-2022-1802
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR 91.9.1, Firefox 100.0.2, Firefox for Android 100.3.0,...
CVE-2020-26961
When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding...
CVE-2019-11752
It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox 69, Thunderbird 68.1, Thunderbird 60.9, Firefox ESR 60.9, and Firefox ESR 68.1...
CVE-2017-7793
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR 52.4, and Thunderbird 52.4...