Lucene search
K

6 matches found

CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

8.8CVSS5.8AI score0.00226EPSS
Exploits0References1
OSV
OSV
added 2026/04/07 1:16 p.m.1 views

DEBIAN-CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...

8.8CVSS5.3AI score0.0035EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/28 7:39 a.m.3 views

CVE-2026-0818 CSS-based exfiltration of the content from partially encrypted emails when allowing remote content

When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If...

7.5AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/06/24 11:24 p.m.5 views

SUSE CVE-2025-6434

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

5.4CVSS5.8AI score0.00229EPSS
Exploits0References6
OSV
OSV
added 2025/06/24 1:15 p.m.2 views

CVE-2025-6432

When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability affects Firefox 140 and Thunderbird 140...

8.6CVSS5.8AI score0.00287EPSS
Exploits0References3
OSV
OSV
added 2025/06/24 1:15 p.m.2 views

UBUNTU-CVE-2025-6435

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...

8.1CVSS7.2AI score0.00375EPSS
Exploits0References7
Rows per page
Query Builder