Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2025/11/12 1:23 a.m.7 views

thunderbird: firefox: An OBJECT tag type attribute overrode browser behavior on web resources without a content-type

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This...

6.1CVSS6.2AI score0.0025EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/20 7:14 p.m.4 views

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/10/20 7:6 p.m.4 views

thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/10/15 12:42 p.m.6 views

CVE-2025-11717

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144...

9.1CVSS5.8AI score0.00244EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/15 12:41 p.m.5 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS5.7AI score0.00244EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 1:15 p.m.3 views

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

8.1CVSS0.00244EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/10/14 12:27 p.m.5 views

CVE-2025-11721

Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

9.8CVSS8.9AI score0.00332EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.5 views

PT-2025-41905

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144 Description When switching between Android apps using the card carousel, Firefox displays a black screen as its card image if a password-related screen was the last one used. Prior to version 144, the password edi...

9.8CVSS5.8AI score0.00465EPSS
Exploits0References28
Rows per page
Query Builder