CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/11/14 12:0 a.m.•1 views

Mozilla Thunderbird < 140.5

The version of Thunderbird installed on the remote Windows host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-91 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145, Firefox ESR 140.5,...

8.8CVSS7.3AI score0.00401EPSS

Exploits0References9

Tenable Nessus•added 2025/11/14 12:0 a.m.•1 views

Mozilla Thunderbird < 145.0

The version of Thunderbird installed on the remote Windows host is prior to 145.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-90 advisory. - Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory...

9.8CVSS7.7AI score0.00401EPSS

Exploits0References16

Tenable Nessus•added 2025/11/14 12:0 a.m.•2 views

Mozilla Thunderbird < 145.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 145.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-90 advisory. - Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of...

9.8CVSS7.7AI score0.00401EPSS

Exploits0References16

RedHat Linux•added 2025/11/13 12:37 p.m.•4 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...

RedHat Linux•added 2025/11/13 12:21 p.m.•2 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...

SUSE CVE•added 2025/11/13 12:44 a.m.•2 views

SUSE CVE-2025-13016

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

7.5CVSS7.2AI score0.00401EPSS

Exploits0References15

Zero Day Initiative•added 2025/11/13 12:0 a.m.•4 views

Apple Safari JavaScriptCore Wasm Function Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Wasm...

8.8CVSS7AI score0.00725EPSS

Exploits0References1

Tenable Nessus•added 2025/11/13 12:0 a.m.•4 views

RHEL 10 : firefox (RHSA-2025:21281)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21281 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

8.8CVSS6.2AI score0.00401EPSS

OSV•added 2025/11/13 12:0 a.m.•4 views

ALSA-2025:21281 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Mitigation bypass in the DOM: Security component CVE-2025-13018 firefox: Use-after-free in the Audio/Video component CVE-2025-13014 firefox: Incorrect boundary...

8.8CVSS6.4AI score0.00401EPSS

AlmaLinux•added 2025/11/13 12:0 a.m.•5 views

Important: firefox security update

8.8CVSS6.8AI score0.00401EPSS

Tenable Nessus•added 2025/11/13 12:0 a.m.•1 views

RHEL 9 : firefox (RHSA-2025:21280)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21280 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

8.8CVSS6.2AI score0.00401EPSS

Github Security Blog•added 2025/11/12 9:36 p.m.•9 views

Wasmtime provides unsound API access to a WebAssembly shared linear memory

Impact Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear memory. This is not sound for shared linear memories, which could be modified in paralle...

1.8CVSS6.6AI score0.00094EPSS

Exploits0References9Affected Software1

EUVD•added 2025/11/12 9:25 p.m.•2 views

EUVD-2025-131930

Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly shared linear memory could be viewed as a type which provides safe access to the host Rust to the contents of the linear...

1.8CVSS6AI score0.00094EPSS

Exploits0References7

OSV•added 2025/11/12 9:25 p.m.•2 views

CVE-2025-64345 Wasmtime provides unsound API access to a WebAssembly shared linear memory

1.8CVSS6.4AI score0.00094EPSS

Exploits0References8

RedHat Linux•added 2025/11/12 12:49 p.m.•3 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...

RedHat Linux•added 2025/11/12 12:31 p.m.•3 views

firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...