CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2106 matches found

Tenable Nessus•added 2025/11/11 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-13016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and...

7.5CVSS7.3AI score0.00401EPSS

Exploits0References3

Tenable Nessus•added 2025/11/11 12:0 a.m.•1 views

Mozilla Firefox ESR < 140.5

The version of Firefox ESR installed on the remote Windows host is prior to 140.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-88 advisory. - Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox 145 and Firefox ESR 140.5...

8.8CVSS6.1AI score0.00401EPSS

Exploits0References10

Tenable Nessus•added 2025/11/11 12:0 a.m.•2 views

Mozilla Firefox < 145.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 145.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-87 advisory. - Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory...

9.8CVSS6.5AI score0.00401EPSS

Exploits0References17

Positive Technologies•added 2025/11/11 12:0 a.m.•8 views

PT-2025-46356

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 145 Mozilla Firefox ESR versions prior to 140.5 Thunderbird versions prior to 145 Thunderbird versions prior to 140.5 Mozilla Firefox ESR versions prior to 140.5.0esr-1deb11u1 Mozilla Firefox ESR versions prio...

10CVSS8.1AI score0.09348EPSS

Exploits2References228

FreeBSD•added 2025/11/11 12:0 a.m.•6 views

firefox -- Use-after-free

https://bugzilla.mozilla.org/showbug.cgi?id=1995686 reports: Use-after-free in the WebRTC: Audio/Video component. Same-origin policy bypass in the DOM: Workers component. Mitigation bypass in the DOM: Security component. Same-origin policy bypass in the DOM: Notifications component. Incorrect...

8.8CVSS6.6AI score0.00401EPSS

Exploits0References9

RedhatCVE•added 2025/10/28 8:51 p.m.•3 views

CVE-2025-62711

A Denial of Service vulnerability has been identified in the Wasmtime WebAssembly runtime, affecting versions 38.0.0 through 38.0.2. An attacker can exploit this flaw by providing a carefully crafted WebAssembly component and invoking it in a specific manner. This malicious action causes the host...

3.7CVSS6.8AI score0.00405EPSS

Exploits0References6

Tenable Nessus•added 2025/10/28 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-62711

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to before 38.0.3, the implementation of component-model related host-to-wasm trampolines in...

3.1CVSS5.2AI score0.00405EPSS

Exploits0References2

CNNVD•added 2025/10/24 12:0 a.m.•4 views

wasmtime 安全漏洞

wasmtime is a lightweight WebAssembly runtime open-sourced by the Bytecode Alliance. A security vulnerability exists in wasmtime version 38.0.0 through versions prior to 38.0.3, which stems from a flaw in the host-to-wasm springboard implementation associated with the component model, which could...

3.1CVSS6.3AI score0.00405EPSS

Exploits0References3