Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987430)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987430 advisory. Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox...

CVE-2025-5266

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

CVE-2025-5266

CVE-2025-5266: XS-Leaks via script elements loading cross-origin resources affecting Firefox < 139, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird

CVE-2025-5266 Script element events leaked cross-origin resource status

Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks. This vulnerability was fixed in Firefox 139, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11...

Mozilla Firefox ESR < 128.11

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 128.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-44 advisory. - Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of...

Deanonymizing OpenSea NFT Owners via Cross-Site Search Vulnerability

TLDR Recently, a cross-site search vulnerability was discovered affecting the popular NFT marketplace OpenSea. When successfully exploited, this issue allows for the deanonymization of OpenSea users by linking an IP address, a browser session, or an email in certain conditions to a specific...

CVE-2022-34477

The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...

CVE-2022-34477

The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...

CVE-2022-34477

The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...

CVE-2022-34477

The MediaError message property should be consistent to avoid leaking information about cross-origin resources; however for a same-site cross-origin resource, the message could have leaked information enabling XS-Leaks attacks. This vulnerability affects Firefox 102...

GitLab: Responsible Disclosure of Privacy Leakage Issue

Greetings, I am Mojtaba Zaheri, a doctoral candidate in Computer Science, affiliated with the NJIT Cybersecurity Research Center. Together with my doctoral dissertation advisor, Prof. Reza Curtmola, we are reaching out to perform responsible disclosure of a vulnerability present on the GitLab...