|
1251
|
9.8 |
CRITICAL
Network
|
silextechnology
|
sd-330ac_firmware
amc_manager
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32956
|
2026-04-23 01:57 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1252
|
8.8 |
HIGH
Network
|
silextechnology
|
sd-330ac_firmware
amc_manager
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-32955
|
2026-04-23 01:56 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1253
|
7.3 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-6751
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1254
|
7.3 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6752
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1255
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-352
Origin Validation Error
|
CVE-2026-6755
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1256
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-416
Use After Free
|
CVE-2026-6759
|
2026-04-23 01:08 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1257
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-6764
|
2026-04-23 01:07 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1258
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2026-6765
|
2026-04-23 01:07 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1259
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
New
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-6771
|
2026-04-23 01:06 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1260
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Invalid pointer in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
New
|
CWE-476
CWE-824
NULL Pointer Dereference
Access of Uninitialized Pointer
|
CVE-2026-6778
|
2026-04-23 01:05 |
2026-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
