|
1261
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t…
New
|
CWE-125
CWE-416
CWE-787
Out-of-bounds Read
Use After Free
Out-of-bounds Write
|
CVE-2026-6784
|
2026-04-23 01:05 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1262
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-6772
|
2026-04-23 01:04 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1263
|
7.2 |
HIGH
Network
|
sanjay1313
|
visitor_management_system
|
Visitor Management System 1.0 by sanjay1313 is vulnerable to Unrestricted File Upload in vms/php/admin_user_insert.php and vms/php/update_1.php. The move_uploaded_file() function is called without an…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-37748
|
2026-04-23 01:02 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1264
|
8.2 |
HIGH
Network
|
hcltech
|
bigfix_service_management
|
HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP pars…
New
|
CWE-444
HTTP Request Smuggling
|
CVE-2025-31958
|
2026-04-23 01:01 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1265
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-6783
|
2026-04-23 00:18 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1266
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-200
Information Exposure
|
CVE-2026-6782
|
2026-04-23 00:18 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1267
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-20
CWE-79
CWE-119
Improper Input Validation
Cross-site Scripting
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6779
|
2026-04-23 00:18 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1268
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6775
|
2026-04-23 00:17 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1269
|
5.4 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-6774
|
2026-04-23 00:17 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1270
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Denial-of-service due to integer overflow in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-6773
|
2026-04-23 00:17 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
