CVE ID : CVE-2025-4086
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : A specially crafted filename containing a large number of encoded newline characters could obscure the file’s extension when displayed in the download dialog.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4087
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4088
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : A security vulnerability in Firefox allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4089
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : Due to insufficient escaping of special characters in the “copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user’s system. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4090
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability existed in Firefox for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4091
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4093
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4083
Published : April 29, 2025, 2:15 p.m. | 1 hour, 48 minutes ago
Description : A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document’s process instead of the intended frame, potentially enabling a sandbox escape. This vulnerability affects Firefox
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4065
Published : April 29, 2025, 3:15 p.m. | 47 minutes ago
Description : A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/addadvertisement.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4066
Published : April 29, 2025, 3:15 p.m. | 47 minutes ago
Description : A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-4067
Published : April 29, 2025, 3:15 p.m. | 47 minutes ago
Description : A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. Affected is an unknown function of the file /admin/viewpackage.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
The identity of Bitcoin’s creator is crypto’s greatest mystery. Now, one of the industry’s biggest names is floating its wildest…
UPS is exploring a game-changing tech upgrade: humanoid robots. The logistics giant is in active talks with Figure AI, a…
Alibaba just launched Qwen3, a new series of open-source AI models that experts say could rival top systems from Google…
OpenAI is turning ChatGPT into a shopping assistant, ushering in a new era of “conversational commerce” and directly challenging tech…
Researchers from the University of Zurich secretly ran a months-long AI experiment on Reddit’s 3.8M-member r/changemyview community without user consent.…
Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some…
In 2025, agentic AI applications are no longer pet projects—companies around the world are investing in software to incorporate AI…
In the era of generative AI, new large language models (LLMs) are continually emerging, each with unique capabilities, architectures, and…
Cities and local governments are continuously seeking ways to enhance their non-emergency services, recognizing that intelligent, scalable contact center solutions…