| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due to improper validation of user-supplied input in the /tap/dw.php endpoint. The text parameter is used to construct file paths without adequate normalization or restriction to a safe base directory. A remote attacker can exploit this flaw to access arbitrary files on the underlying operating system, resulting in unauthorized disclosure of sensitive information. |
| Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151. |
| LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP connection without authentication, causing server crashes through virtual function call errors or disrupting active streams by terminating victim sessions. |
| Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. |
| Microsoft Word Security Feature Bypass Vulnerability |
| Windows Graphics Component Information Disclosure Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Elevation of Privilege Vulnerability |
| Microsoft Excel Information Disclosure Vulnerability |
| Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office Graphics Remote Code Execution Vulnerability |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| Microsoft Outlook Spoofing Vulnerability |
