CVE-2025-6430 – Firefox Object Injection Vulnerability

June 24, 2025

CVE ID : CVE-2025-6430

Published : June 24, 2025, 1:15 p.m. | 1 hour, 23 minutes ago

Description : When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox
Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6427 – Mozilla Firefox Content Security Policy Bypass

Next Article CVE-2025-6424 – Firefox FontFaceSet Use-After-Free Crash Vulnerability

Highlights

CVE-2025-6113 – Tenda FH1203 Buffer Overflow Vulnerability

June 16, 2025

CVE ID : CVE-2025-6113

Published : June 16, 2025, 8:15 a.m. | 29 minutes ago

Description : A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. Affected is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-6430 – Firefox Object Injection Vulnerability

Critical Kibana Flaws: CVE-2025-2135 (CVSS 9.9) Allows Heap Corruption & RCE; Open Redirect Also Patched

CVE-2025-0966 – IBM InfoSphere Information Server SQL Injection Vulnerability

CVE-2025-5269 – Firefox ESR Memory Corruption Vulnerability

CVE-2025-45988 – Blink Routers Command Injection Vulnerability

Tangram is an interesting Linux web browser

Overwatch 2 developers at Blizzard Entertainment form union under Microsoft

CVE-2025-6113 – Tenda FH1203 Buffer Overflow Vulnerability

Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products

Samsung’s One UI 7 arriving for these devices first – here’s a trick for getting it early

CVE-2025-4979 – GitLab Information Disclosure Vulnerability

CVE-2025-6430 – Firefox Object Injection Vulnerability

Related Posts