Lucene search
K

2106 matches found

Debian CVE
Debian CVE
added 2025/02/04 1:58 p.m.5 views

CVE-2025-1011

A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

9.8CVSS8.5AI score0.00585EPSS
Exploits0
CVE
CVE
added 2025/02/04 1:58 p.m.323 views

CVE-2025-1011

CVE-2025-1011 is a WebAssembly code-generation bug that could crash the affected Mozilla components and, per the connected advisories, may enable remote code execution. Public references indicate the vulnerability affects Firefox up to version 135 (and ESR 128.7) and Thunderbird up to 128.7 (and ...

9.8CVSS7.3AI score0.00585EPSS
Exploits0References7Affected Software2
CNNVD
CNNVD
added 2025/02/04 12:0 a.m.2 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 135, which stems from an error in WebAssembly code generation that could cause a crash...

9.8CVSS8.3AI score0.00585EPSS
Exploits0References6
Mozilla
Mozilla
added 2025/02/04 12:0 a.m.14 views

Security Vulnerabilities fixed in Thunderbird ESR 128.7 — Mozilla

An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. An attacker could have caused a use-after-free via the Custom Highlight API, leading to a potentially exploitable crash. A bug in WebAssembly code generation could have lead to a cras...

9.8CVSS10AI score0.07748EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.9 views

Mozilla Firefox < 135.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-07 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory...

9.8CVSS7.4AI score0.01163EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.10 views

Mozilla Firefox ESR < 128.7

The version of Firefox ESR installed on the remote Windows host is prior to 128.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-09 advisory. - Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of thes...

9.8CVSS7.5AI score0.01163EPSS
Exploits0References10
FreeBSD
FreeBSD
added 2025/02/04 12:0 a.m.12 views

mozilla -- multiple vulnerabilities

[email protected] reports: A bug in WebAssembly code generation could have lead to a crash. It may have been possible for an attacker to leverage this to achieve code execution. A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have...

9.8CVSS8.2AI score0.00585EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/04 12:0 a.m.4 views

PT-2025-4124

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 135 Firefox ESR versions prior to 128.7 Thunderbird versions prior to 128.7 Thunderbird versions prior to 135 Description A bug in WebAssembly code generation could have led to a crash, potentially allowing an attacke...

9.8CVSS7.7AI score0.32568EPSS
Exploits4References276
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.8 views

Mozilla Firefox < 135.0

The version of Firefox installed on the remote Windows host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-07 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption...

9.8CVSS7.4AI score0.01163EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.11 views

Mozilla Thunderbird < 135.0

The version of Thunderbird installed on the remote Windows host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-11 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory...

9.8CVSS7.5AI score0.01276EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.12 views

Mozilla Thunderbird < 135.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-11 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of...

9.8CVSS7.5AI score0.01276EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.6 views

Mozilla Thunderbird < 128.7

The version of Thunderbird installed on the remote Windows host is prior to 128.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-10 advisory. - Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of thes...

9.8CVSS7.5AI score0.01276EPSS
Exploits0References12
OSV
OSV
added 2025/02/03 5:37 a.m.3 views

USN-7250-1 netdata vulnerabilities

It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-18836 It was discovered that Netdata incorrectly handled parsing HT...

9.1CVSS7.5AI score0.02172EPSS
Exploits8References8
Microsoft CVE
Microsoft CVE
added 2025/01/18 8:0 a.m.7 views

In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly (wasm). (Earlier and later versions are unaffected.)

...

6.5CVSS6.5AI score0.00452EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2025-40348

Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description A use-after-free condition exists in V8 when evaluating the compile-time options parameter, which detaches the ArrayBuffer holding the wire bytes. This issue was reported by Google Big Sleep...

8.8CVSS6.4AI score0.00329EPSS
Exploits0References42
OSV
OSV
added 2024/12/16 1:56 p.m.7 views

BIT-NODE-MIN-2023-39333

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...

5.3CVSS6.4AI score0.00936EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2024/11/14 12:0 a.m.254 views

webkit2gtk3 security update

2.44.3-2 - Add patch to fix WebAssembly Resolves: RHEL-32578 2.44.3-1 - Update to 2.44.3 Resolves: RHEL-32578 2.44.2-1 - Update to 2.44.2 Resolves: RHEL-32578 2.44.1-1 - Update to 2.44.1 Resolves: RHEL-32578 Resolves: RHEL-29637 2.42.5-1 - Update to 2.42.5 Resolves: RHEL-3960 2.42.4-1 - Update to...

9.6CVSS7.3AI score0.01344EPSS
Exploits1
OSV
OSV
added 2024/11/08 10:15 p.m.7 views

CVE-2024-35422

vmir e8117 was discovered to contain a heap buffer overflow via the wasmcall function at /src/vmirwasmparser.c...

7.8CVSS6.1AI score0.00253EPSS
Exploits1References2
OSV
OSV
added 2024/11/08 10:15 p.m.7 views

CVE-2024-35423

vmir e8117 was discovered to contain a heap buffer overflow via the wasmparsesectionfunctions function at /src/vmirwasmparser.c...

7.8CVSS6.1AI score0.00308EPSS
Exploits1References2
OSV
OSV
added 2024/11/08 10:15 p.m.1 views

CVE-2024-35410

wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted wasm file...

6.2CVSS5.8AI score0.00256EPSS
Exploits1References2
Rows per page
Query Builder