Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability wa
Same-origin policy bypass in the DOM: Notifications component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.
Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12.
CVE-2026-2784
CRITICAL CVSS 9.8
Find Similar
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android. This affects an unknown part of the component Authentication Token Handler. The manipulation leads to i
JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The man
A security vulnerability has been detected in chatwoot up to 4.11.1. The affected element is an unknown function of the file /app/login of the component Signup Endpoint. Such manipulation of the argum
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5.
A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMacList/Edit_List_SSID of
CVE-2026-0881
CRITICAL CVSS 10.0
Find Similar
Sandbox escape in the Messaging System component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.
CVE-2026-8091
CRITICAL CVSS 9.8
Find Similar
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2
CVE-2026-12304
CRITICAL CVSS 9.1
Find Similar
Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12.
A vulnerability, which was classified as problematic, was found in H3C R2+ProG up to 200R004. Affected is the function UpdateWanParams/AddMacList/EditMacList/AddWlanMacList/EditWlanMacList/Edit_BasicS
CVE-2026-2796
CRITICAL CVSS 9.8
Find Similar
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks. This vulnerability affect
A vulnerability has been found in H3C Magic R200G up to 100R002 and classified as problematic. Affected by this vulnerability is the function Edit_BasicSSID/Edit_BasicSSID_5G/SetAPWifiorLedInfoById/Se
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior
← Previous Page 5