13063 matches found
CVE-2025-9186
Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox 142...
CVE-2025-9179
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14,...
CVE-2025-9184
Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox...
CVE-2025-9181
Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox 142, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...
CVE-2025-9182
Denial-of-service due to out-of-memory in the Graphics: WebRender component. This vulnerability affects Firefox 142, Firefox ESR 140.2, Thunderbird 142, and Thunderbird 140.2...
CVE-2025-9183
Spoofing issue in the Address Bar component. This vulnerability affects Firefox 142 and Firefox ESR 140.2...
CVE-2025-9180
Same-origin policy bypass in the Graphics: Canvas2D component. This vulnerability affects Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...
CVE-2025-8364
A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. Note: This issue only affected Android operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 141...
CVE-2025-8042
Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability affects Firefox 141...
CVE-2025-8041
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox 141...
CVE-2025-55031
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects...
CVE-2025-55029
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS 142...
CVE-2025-55030
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS 142...
CVE-2025-54143
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS 141...
CVE-2025-54144
The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS 141...
CVE-2025-55028
Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS 142...
CVE-2025-54145
The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS 141...
CVE-2025-9165
A flaw has been found in LibTIFF 4.7.0. This affects the function TIFFmallocExt/TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This attack is...
CVE-2025-9136
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestreamvscanf of the file libretro-common/streams/filestream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It...
CVE-2025-9019
A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function maskcidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitatio...
CVE-2025-8714
Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected. pgrestore is affected...
CVE-2025-8715
Improper neutralization of newlines in pgdump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks...
CVE-2025-8713
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this...
CVE-2025-8961
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...
CVE-2025-55199
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...
CVE-2025-55198
Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expect...
CVE-2025-23304
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering...
CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
CVE-2025-55160
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior function-type-mismatch in splay tree cloning callback. This results in a deterministic abort under UBSan DoS in sanitizer builds, wit...
CVE-2025-55154
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage in coders/png.c are unsafe and can overflow, leading to memory corruption. This issue has been patched in...
CVE-2025-55005
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024...
CVE-2025-55004
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This c...
CVE-2025-8671
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...
CVE-2025-8881
Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8901
Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2025-8880
Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2025-8879
Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. Chromium security severity: High...
CVE-2025-32086
Improperly implemented security check for standard in the DDRIO configuration for some IntelR XeonR 6 Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2025-26403
Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2025-24305
Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2025-22889
Improper handling of overlap between protected memory ranges for some IntelR XeonR 6 processor with IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2025-22840
Sequence of processor instructions leads to unexpected behavior for some IntelR XeonR 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-22839
Insufficient granularity of access control in the OOB-MSM for some IntelR XeonR 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access...
CVE-2025-21090
Missing reference to active allocated resource for some IntelR XeonR processors may allow an authenticated user to potentially enable denial of service via local access...
CVE-2025-20109
Improper Isolation or Compartmentalization in the stream cache mechanism for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2025-20053
Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2025-54864
Hydra is a continuous integration service for Nix based projects. Prior to commit f7bda02, /api/push-github and /api/push-gitea are called by the corresponding forge without HTTP Basic authentication. Both forges do however feature HMAC signing with a secret key. Triggering an evaluation can be...
CVE-2025-54800
Hydra is a continuous integration service for Nix based projects. Prior to commit dea1e16, a malicious package can introduce arbitrary JavaScript code into the Hydra database that is automatically evaluated in a client's browser when anyone visits the build page. This could be done by a third-par...
CVE-2025-55158
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typvalT management. Specifically, the cleartv...
CVE-2025-55157
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...