| 0 |
| url |
VCID-19r2-4svk-uydr |
| vulnerability_id |
VCID-19r2-4svk-uydr |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4578 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0011 |
| scoring_system |
epss |
| scoring_elements |
0.29121 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0011 |
| scoring_system |
epss |
| scoring_elements |
0.29238 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35742 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35882 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35793 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35815 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35823 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35783 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.3576 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.358 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35789 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35912 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4578 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4578
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-19r2-4svk-uydr |
|
| 1 |
| url |
VCID-1dkk-86db-s3ch |
| vulnerability_id |
VCID-1dkk-86db-s3ch |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5168 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49006 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.4902 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48984 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49011 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49019 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48965 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49052 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49056 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49005 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49032 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49015 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5168 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-5168
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1dkk-86db-s3ch |
|
| 2 |
| url |
VCID-1jvh-anus-rfeg |
| vulnerability_id |
VCID-1jvh-anus-rfeg |
| summary |
When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3034 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43764 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43804 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43854 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43857 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43875 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43843 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43825 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43886 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43878 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43811 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.4385 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43874 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3034 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-3034
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1jvh-anus-rfeg |
|
| 3 |
| url |
VCID-1rj3-tt63-4yc1 |
| vulnerability_id |
VCID-1rj3-tt63-4yc1 |
| summary |
Through use of reportValidity() and window.open(), a plain-text validation message could have been overlaid on another origin, leading to possible user confusion and spoofing attacks. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38497 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41604 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41657 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41497 |
| published_at |
2026-04-24T12:55:00Z |
|
| 3 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41679 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41705 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00197 |
| scoring_system |
epss |
| scoring_elements |
0.41672 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41851 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41831 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41896 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41924 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.419 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41911 |
| published_at |
2026-04-09T12:55:00Z |
|
| 12 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41935 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38497 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38497
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1rj3-tt63-4yc1 |
|
| 4 |
| url |
VCID-1z5d-4wfm-8yfk |
| vulnerability_id |
VCID-1z5d-4wfm-8yfk |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9396 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.3928 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39475 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39559 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39574 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39567 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39513 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39597 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39589 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39539 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39555 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39593 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39583 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9396 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-9396
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1z5d-4wfm-8yfk |
|
| 5 |
| url |
VCID-2a5d-8cac-mkft |
| vulnerability_id |
VCID-2a5d-8cac-mkft |
| summary |
A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29542 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28953 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.29026 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28999 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28995 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.29076 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00107 |
| scoring_system |
epss |
| scoring_elements |
0.28885 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31864 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00126 |
| scoring_system |
epss |
| scoring_elements |
0.31898 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.3315 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33127 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32941 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33089 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29542 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29542
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2a5d-8cac-mkft |
|
| 6 |
| url |
VCID-2z7p-2uj3-2qfb |
| vulnerability_id |
VCID-2z7p-2uj3-2qfb |
| summary |
If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9815 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.7729 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77263 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77265 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77257 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77162 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77169 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77198 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77179 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77212 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.7722 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77248 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77227 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77224 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9815 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9815
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2z7p-2uj3-2qfb |
|
| 7 |
| url |
VCID-3sjh-f264-m3g7 |
| vulnerability_id |
VCID-3sjh-f264-m3g7 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8387 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.6776 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.6774 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67746 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.6771 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67744 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67688 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67669 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67668 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67759 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.67735 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00543 |
| scoring_system |
epss |
| scoring_elements |
0.6772 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8387 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-8387
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3sjh-f264-m3g7 |
|
| 8 |
| url |
VCID-4c3c-ygt3-kbg5 |
| vulnerability_id |
VCID-4c3c-ygt3-kbg5 |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the
worst of which may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-6797 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77287 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.7722 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.7726 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77262 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77253 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77159 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77165 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77195 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77176 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77209 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77217 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77245 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.0102 |
| scoring_system |
epss |
| scoring_elements |
0.77224 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-6797 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-6797
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4c3c-ygt3-kbg5 |
|
| 9 |
| url |
VCID-4r8e-64b6-bbbu |
| vulnerability_id |
VCID-4r8e-64b6-bbbu |
| summary |
Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4711 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06239 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06224 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06047 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06126 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06087 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06062 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06067 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06105 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06112 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4711 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4711
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4r8e-64b6-bbbu |
|
| 10 |
| url |
VCID-4sv2-j8zg-xkhf |
| vulnerability_id |
VCID-4sv2-j8zg-xkhf |
| summary |
When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17009 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34455 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34731 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34708 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34742 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34727 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34687 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34579 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34792 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34818 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34695 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34738 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.34766 |
| published_at |
2026-04-09T12:55:00Z |
|
| 12 |
| value |
0.00144 |
| scoring_system |
epss |
| scoring_elements |
0.3477 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17009 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-17009
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4sv2-j8zg-xkhf |
|
| 11 |
| url |
VCID-4vps-3cxv-xyd5 |
| vulnerability_id |
VCID-4vps-3cxv-xyd5 |
| summary |
On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-5692 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54742 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54698 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54726 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00316 |
| scoring_system |
epss |
| scoring_elements |
0.54745 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61475 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61503 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61473 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61521 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61536 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61557 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61544 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61524 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-5692 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-5692
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4vps-3cxv-xyd5 |
|
| 12 |
| url |
VCID-5666-pp89-aqc2 |
| vulnerability_id |
VCID-5666-pp89-aqc2 |
| summary |
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution.*Note: this issue only affects Firefox on Windows operating systems.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-12393 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.6513 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.6512 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65129 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65113 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65001 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65051 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65077 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.6504 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.6509 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65103 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65122 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65112 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.0048 |
| scoring_system |
epss |
| scoring_elements |
0.65084 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-12393 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-12393
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5666-pp89-aqc2 |
|
| 13 |
| url |
VCID-5aga-y5nk-5fha |
| vulnerability_id |
VCID-5aga-y5nk-5fha |
| summary |
A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would processing incorrectly, leading to an out-of-bounds read.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29964 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55405 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55463 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55499 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55502 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55481 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55326 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55437 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55461 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.5544 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55491 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.55501 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00324 |
| scoring_system |
epss |
| scoring_elements |
0.5548 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29964 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-29964
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5aga-y5nk-5fha |
|
| 14 |
| url |
VCID-5c1p-6gjw-wkgx |
| vulnerability_id |
VCID-5c1p-6gjw-wkgx |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird,
the worst of which could lead to the execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12391 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.679 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67882 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67895 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67919 |
| published_at |
2026-04-24T12:55:00Z |
|
| 4 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67906 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67869 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67918 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67798 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67832 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67851 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00547 |
| scoring_system |
epss |
| scoring_elements |
0.67831 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12391 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12391
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5c1p-6gjw-wkgx |
|
| 15 |
| url |
VCID-5srb-q1nd-1qfh |
| vulnerability_id |
VCID-5srb-q1nd-1qfh |
| summary |
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. *Note: This attack only affects Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-7845 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73481 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.7341 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73403 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73445 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73453 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73447 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73352 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73362 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73386 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73357 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73394 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73407 |
| published_at |
2026-04-09T12:55:00Z |
|
| 12 |
| value |
0.00763 |
| scoring_system |
epss |
| scoring_elements |
0.73431 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-7845 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-7845
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5srb-q1nd-1qfh |
|
| 16 |
| url |
VCID-5zmj-5xkc-zkgc |
| vulnerability_id |
VCID-5zmj-5xkc-zkgc |
| summary |
A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11694 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60601 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60582 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60623 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60628 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60616 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60458 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60534 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.6056 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60529 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60578 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60594 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60618 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00398 |
| scoring_system |
epss |
| scoring_elements |
0.60603 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11694 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-11694
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5zmj-5xkc-zkgc |
|
| 17 |
| url |
VCID-62zr-8w1c-bydt |
| vulnerability_id |
VCID-62zr-8w1c-bydt |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8394 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58364 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58408 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58389 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58422 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58426 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58403 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58359 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58379 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58353 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58406 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58412 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00363 |
| scoring_system |
epss |
| scoring_elements |
0.58429 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8394 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-8394
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-62zr-8w1c-bydt |
|
| 18 |
| url |
VCID-6dgw-qbue-nqax |
| vulnerability_id |
VCID-6dgw-qbue-nqax |
| summary |
If a Thunderbird user replied to a crafted HTML email containing a meta tag, with the meta tag
having the http-equiv="refresh" attribute, and the content attribute specifying an URL, then
Thunderbird started a network request to that URL, regardless of the configuration to block
remote content. In combination with certain other HTML elements and attributes in the email,
it was possible to execute JavaScript code included in the message in the context of the
message compose document.
The JavaScript code was able to perform actions including, but probably not limited
to, read and modify the contents of the message compose document, including the quoted
original message, which could potentially contain the decrypted plaintext of encrypted data
in the crafted email.
The contents could then be transmitted to the network, either to the URL specified in the META refresh tag,
or to a different URL, as the JavaScript code could modify the URL specified in the document.
This bug doesn't affect users who have changed the default Message Body display setting to
'simple html' or 'plain text'. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3033 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.73047 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72912 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.7295 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72964 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72989 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72969 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72962 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.73004 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.73014 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.73007 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72917 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00742 |
| scoring_system |
epss |
| scoring_elements |
0.72937 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3033 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-3033
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6dgw-qbue-nqax |
|
| 19 |
| url |
VCID-6h7s-a74e-33c1 |
| vulnerability_id |
VCID-6h7s-a74e-33c1 |
| summary |
Mozilla developer Anne van Kesteren discovered that <iframe sandbox> with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15653 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51808 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51862 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51842 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51827 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51869 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51876 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51858 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51724 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51773 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51799 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51759 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51814 |
| published_at |
2026-04-08T12:55:00Z |
|
| 12 |
| value |
0.00284 |
| scoring_system |
epss |
| scoring_elements |
0.51811 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15653 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15653
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6h7s-a74e-33c1 |
|
| 20 |
| url |
VCID-6s88-vfr8-u3hj |
| vulnerability_id |
VCID-6s88-vfr8-u3hj |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4585 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41115 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41065 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41081 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41113 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.4104 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41089 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41096 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41082 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41078 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00191 |
| scoring_system |
epss |
| scoring_elements |
0.41107 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42329 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.00203 |
| scoring_system |
epss |
| scoring_elements |
0.42393 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4585 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4585
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6s88-vfr8-u3hj |
|
| 21 |
| url |
VCID-6zjy-1agk-nbd9 |
| vulnerability_id |
VCID-6zjy-1agk-nbd9 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5174 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63469 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63452 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63397 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63466 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63458 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.6346 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63424 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63441 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.6339 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63476 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63459 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5174 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-5174
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6zjy-1agk-nbd9 |
|
| 22 |
| url |
VCID-74zp-pzc4-efhm |
| vulnerability_id |
VCID-74zp-pzc4-efhm |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38495 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67966 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.6789 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67928 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67941 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67921 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67828 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67852 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67872 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67902 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67916 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.6794 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00548 |
| scoring_system |
epss |
| scoring_elements |
0.67926 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38495 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38495
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-74zp-pzc4-efhm |
|
| 23 |
| url |
VCID-754j-7erb-z7ae |
| vulnerability_id |
VCID-754j-7erb-z7ae |
| summary |
Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2817 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59337 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59359 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59326 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59339 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59357 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59374 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59354 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59341 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59291 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59303 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59378 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59372 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-2817 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-2817
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-754j-7erb-z7ae |
|
| 24 |
| url |
VCID-7939-5qcd-tqgg |
| vulnerability_id |
VCID-7939-5qcd-tqgg |
| summary |
Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges.*This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-4082 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56319 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56392 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56382 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56406 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56431 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56418 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56413 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56362 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56359 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.5642 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56419 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00335 |
| scoring_system |
epss |
| scoring_elements |
0.56387 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-4082 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-4082
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7939-5qcd-tqgg |
|
| 25 |
| url |
VCID-7fvy-7hpe-kbej |
| vulnerability_id |
VCID-7fvy-7hpe-kbej |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38492 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61079 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61057 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61073 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61094 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61081 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61061 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61103 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61108 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61091 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.60938 |
| published_at |
2026-04-01T12:55:00Z |
|
| 10 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61015 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61044 |
| published_at |
2026-04-04T12:55:00Z |
|
| 12 |
| value |
0.00406 |
| scoring_system |
epss |
| scoring_elements |
0.61009 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38492 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38492
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7fvy-7hpe-kbej |
|
| 26 |
| url |
VCID-7sbd-1n7f-ryed |
| vulnerability_id |
VCID-7sbd-1n7f-ryed |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4057 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00215 |
| scoring_system |
epss |
| scoring_elements |
0.43995 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00215 |
| scoring_system |
epss |
| scoring_elements |
0.44044 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.4463 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44609 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44567 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44619 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44622 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44639 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.4461 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44665 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0022 |
| scoring_system |
epss |
| scoring_elements |
0.44658 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4057 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4057
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7sbd-1n7f-ryed |
|
| 27 |
| url |
VCID-7u5b-uzd5-7kdc |
| vulnerability_id |
VCID-7u5b-uzd5-7kdc |
| summary |
Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11691 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37069 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37005 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37056 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37063 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37017 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37044 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37078 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37143 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00161 |
| scoring_system |
epss |
| scoring_elements |
0.37175 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44555 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44625 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00219 |
| scoring_system |
epss |
| scoring_elements |
0.44469 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11691 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-11691
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7u5b-uzd5-7kdc |
|
| 28 |
| url |
VCID-8cv4-kvfj-4uek |
| vulnerability_id |
VCID-8cv4-kvfj-4uek |
| summary |
Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11758 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74931 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74897 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74904 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74895 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74817 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74819 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74847 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74821 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74853 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74867 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74891 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.7487 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.7486 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-11758 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-11758
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8cv4-kvfj-4uek |
|
| 29 |
| url |
VCID-8hgj-7cb6-fbbp |
| vulnerability_id |
VCID-8hgj-7cb6-fbbp |
| summary |
A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9818 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.56917 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.57004 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.5698 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.57009 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.57007 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.56865 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.56962 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.56983 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.56959 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.5701 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.57012 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00343 |
| scoring_system |
epss |
| scoring_elements |
0.57024 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9818 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9818
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8hgj-7cb6-fbbp |
|
| 30 |
| url |
VCID-8kgq-qhy6-e3c2 |
| vulnerability_id |
VCID-8kgq-qhy6-e3c2 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38476 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40346 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40429 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40421 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40452 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40404 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40423 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40462 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40441 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40455 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.4043 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00186 |
| scoring_system |
epss |
| scoring_elements |
0.40379 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41798 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38476 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38476
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8kgq-qhy6-e3c2 |
|
| 31 |
| url |
VCID-8uk6-x62z-uybr |
| vulnerability_id |
VCID-8uk6-x62z-uybr |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-2505 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43728 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43715 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43782 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43795 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43757 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43803 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43742 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43758 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.4379 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.4377 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43767 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45271 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-2505 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-2505
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8uk6-x62z-uybr |
|
| 32 |
| url |
VCID-9dpt-xfu6-cuh5 |
| vulnerability_id |
VCID-9dpt-xfu6-cuh5 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4580 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00069 |
| scoring_system |
epss |
| scoring_elements |
0.21039 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00069 |
| scoring_system |
epss |
| scoring_elements |
0.21165 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.23923 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24104 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.23989 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24036 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24053 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24011 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.23954 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.23964 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.23952 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00082 |
| scoring_system |
epss |
| scoring_elements |
0.24142 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4580 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4580
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9dpt-xfu6-cuh5 |
|
| 33 |
| url |
VCID-9tc4-qr6d-6kfu |
| vulnerability_id |
VCID-9tc4-qr6d-6kfu |
| summary |
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15654 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65644 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65642 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65627 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65599 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65634 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65647 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65629 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65513 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65562 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65592 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65558 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65611 |
| published_at |
2026-04-08T12:55:00Z |
|
| 12 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65623 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15654 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15654
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9tc4-qr6d-6kfu |
|
| 34 |
| url |
VCID-9tnr-m8mg-3ffw |
| vulnerability_id |
VCID-9tnr-m8mg-3ffw |
| summary |
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-5265 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18377 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18475 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18453 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18444 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.1875 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18602 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.186 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18547 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18466 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18696 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18502 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00059 |
| scoring_system |
epss |
| scoring_elements |
0.18555 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-5265 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-5265
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9tnr-m8mg-3ffw |
|
| 35 |
| url |
VCID-9u64-4cr7-w3e1 |
| vulnerability_id |
VCID-9u64-4cr7-w3e1 |
| summary |
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla SeaMonkey. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-3677 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.98572 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.98561 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.98563 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.98569 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.9857 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.98557 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.67298 |
| scoring_system |
epss |
| scoring_elements |
0.98559 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.76758 |
| scoring_system |
epss |
| scoring_elements |
0.98939 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.76758 |
| scoring_system |
epss |
| scoring_elements |
0.98941 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.76758 |
| scoring_system |
epss |
| scoring_elements |
0.98943 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-3677 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-3677
|
| risk_score |
10.0 |
| exploitability |
2.0 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9u64-4cr7-w3e1 |
|
| 36 |
| url |
VCID-9y48-sjn7-rqeu |
| vulnerability_id |
VCID-9y48-sjn7-rqeu |
| summary |
Mozilla developers and community members Kevin Brosnan, Mihai Alexandru Michis, and Christian Holler reported memory safety bugs present in Thunderbird 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38501 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00505 |
| scoring_system |
epss |
| scoring_elements |
0.662 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00505 |
| scoring_system |
epss |
| scoring_elements |
0.66231 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00505 |
| scoring_system |
epss |
| scoring_elements |
0.6625 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00505 |
| scoring_system |
epss |
| scoring_elements |
0.6626 |
| published_at |
2026-04-24T12:55:00Z |
|
| 4 |
| value |
0.00505 |
| scoring_system |
epss |
| scoring_elements |
0.66236 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.7136 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.71334 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.71341 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.71333 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.71374 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.71387 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00673 |
| scoring_system |
epss |
| scoring_elements |
0.7141 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38501 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38501
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9y48-sjn7-rqeu |
|
| 37 |
| url |
VCID-a2as-nfu2-ykax |
| vulnerability_id |
VCID-a2as-nfu2-ykax |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32214 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45719 |
| published_at |
2026-04-12T12:55:00Z |
|
| 1 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45749 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45731 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45707 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45727 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45675 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00244 |
| scoring_system |
epss |
| scoring_elements |
0.47713 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00244 |
| scoring_system |
epss |
| scoring_elements |
0.47787 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00244 |
| scoring_system |
epss |
| scoring_elements |
0.4778 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00244 |
| scoring_system |
epss |
| scoring_elements |
0.47731 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32214 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-32214
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a2as-nfu2-ykax |
|
| 38 |
| url |
VCID-akhr-nck5-sfh2 |
| vulnerability_id |
VCID-akhr-nck5-sfh2 |
| summary |
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36314 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13098 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13084 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13285 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13219 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.12997 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13096 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13148 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13185 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13217 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00043 |
| scoring_system |
epss |
| scoring_elements |
0.13165 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00046 |
| scoring_system |
epss |
| scoring_elements |
0.14003 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36314 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-36314
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-akhr-nck5-sfh2 |
|
| 39 |
| url |
VCID-avgs-nz9j-gqg8 |
| vulnerability_id |
VCID-avgs-nz9j-gqg8 |
| summary |
On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-1930 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55858 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55836 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55901 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55891 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55888 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55837 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00342 |
| scoring_system |
epss |
| scoring_elements |
0.56928 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00342 |
| scoring_system |
epss |
| scoring_elements |
0.56931 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00342 |
| scoring_system |
epss |
| scoring_elements |
0.56934 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00342 |
| scoring_system |
epss |
| scoring_elements |
0.56905 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00352 |
| scoring_system |
epss |
| scoring_elements |
0.57621 |
| published_at |
2026-04-21T12:55:00Z |
|
| 11 |
| value |
0.00352 |
| scoring_system |
epss |
| scoring_elements |
0.5758 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-1930 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-1930
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-avgs-nz9j-gqg8 |
|
| 40 |
| url |
VCID-awnf-jwg6-k3bk |
| vulnerability_id |
VCID-awnf-jwg6-k3bk |
| summary |
Mozilla Developer Rob Wu discovered that a redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15655 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45675 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45775 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45744 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45753 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45803 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45798 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45745 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45665 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45731 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.4575 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.457 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45756 |
| published_at |
2026-04-08T12:55:00Z |
|
| 12 |
| value |
0.00229 |
| scoring_system |
epss |
| scoring_elements |
0.45752 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15655 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15655
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-awnf-jwg6-k3bk |
|
| 41 |
| url |
VCID-ax8a-z9s4-e3dk |
| vulnerability_id |
VCID-ax8a-z9s4-e3dk |
| summary |
A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9794 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61885 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61859 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61902 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61907 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.6189 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.6173 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61804 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61834 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61805 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61854 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61869 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61891 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00419 |
| scoring_system |
epss |
| scoring_elements |
0.61879 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9794 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9794
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ax8a-z9s4-e3dk |
|
| 42 |
| url |
VCID-b6ug-rdyx-4uaw |
| vulnerability_id |
VCID-b6ug-rdyx-4uaw |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8900 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41889 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41826 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44133 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44128 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44151 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44082 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44136 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44171 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44181 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44119 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00216 |
| scoring_system |
epss |
| scoring_elements |
0.44152 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8900 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-8900
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b6ug-rdyx-4uaw |
|
| 43 |
| url |
VCID-b8qk-zbj4-yfg2 |
| vulnerability_id |
VCID-b8qk-zbj4-yfg2 |
| summary |
When setting a thread name on Windows in WebRTC, an incorrect number of arguments could have been supplied, leading to stack corruption and a potentially exploitable crash. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13722 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57833 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57867 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57897 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57896 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57873 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57759 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57843 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57863 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57839 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57893 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57895 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57911 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00356 |
| scoring_system |
epss |
| scoring_elements |
0.57888 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-13722 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-13722
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b8qk-zbj4-yfg2 |
|
| 44 |
| url |
VCID-bd6g-ev4d-kyf6 |
| vulnerability_id |
VCID-bd6g-ev4d-kyf6 |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird and
Firefox, the worst of which could lead to the execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-18335 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81732 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81685 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81673 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81666 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81704 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81708 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81603 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81614 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81635 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81633 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.8166 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.01594 |
| scoring_system |
epss |
| scoring_elements |
0.81665 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-18335 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-18335
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bd6g-ev4d-kyf6 |
|
| 45 |
| url |
VCID-bsnh-1chq-z7ae |
| vulnerability_id |
VCID-bsnh-1chq-z7ae |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9400 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33436 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.338 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33846 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33808 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33832 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33874 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33876 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33917 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33844 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33802 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33949 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9400 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-9400
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bsnh-1chq-z7ae |
|
| 46 |
| url |
VCID-c52k-tg8d-sbeg |
| vulnerability_id |
VCID-c52k-tg8d-sbeg |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23599 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34451 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34453 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34414 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.3439 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34425 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34412 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34371 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34484 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34512 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34379 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34422 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-23599 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-23599
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-c52k-tg8d-sbeg |
|
| 47 |
| url |
VCID-cfqv-7r6b-g3e9 |
| vulnerability_id |
VCID-cfqv-7r6b-g3e9 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4576 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55559 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55561 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55558 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55538 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55521 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55549 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55497 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55463 |
| published_at |
2026-04-24T12:55:00Z |
|
| 8 |
| value |
0.00325 |
| scoring_system |
epss |
| scoring_elements |
0.55539 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4576 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4576
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cfqv-7r6b-g3e9 |
|
| 48 |
| url |
VCID-cmnc-fyxb-rfd4 |
| vulnerability_id |
VCID-cmnc-fyxb-rfd4 |
| summary |
An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.*This bug only affects Firefox for macOS. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29531 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.67993 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.68034 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.68068 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.68082 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.68059 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.68015 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.68044 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00553 |
| scoring_system |
epss |
| scoring_elements |
0.67996 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00589 |
| scoring_system |
epss |
| scoring_elements |
0.69193 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00589 |
| scoring_system |
epss |
| scoring_elements |
0.69244 |
| published_at |
2026-04-24T12:55:00Z |
|
| 10 |
| value |
0.00589 |
| scoring_system |
epss |
| scoring_elements |
0.69213 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00589 |
| scoring_system |
epss |
| scoring_elements |
0.69205 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29531 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29531
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cmnc-fyxb-rfd4 |
|
| 49 |
| url |
VCID-cw2e-p5x2-j7fu |
| vulnerability_id |
VCID-cw2e-p5x2-j7fu |
| summary |
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36059 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68566 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68517 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68538 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68525 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68486 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68518 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.6853 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68504 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68487 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.6846 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68441 |
| published_at |
2026-04-02T12:55:00Z |
|
| 11 |
| value |
0.00567 |
| scoring_system |
epss |
| scoring_elements |
0.68437 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-36059 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-36059, GHSA-rfv9-x7hh-xc32
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cw2e-p5x2-j7fu |
|
| 50 |
| url |
VCID-dveb-sthz-bkgu |
| vulnerability_id |
VCID-dveb-sthz-bkgu |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-25738 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.36921 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37145 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37303 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37201 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37218 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37172 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37199 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37233 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37223 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37329 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37156 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37208 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-25738 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-25738
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dveb-sthz-bkgu |
|
| 51 |
| url |
VCID-dwy5-7rms-rkg6 |
| vulnerability_id |
VCID-dwy5-7rms-rkg6 |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3155 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1122 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11123 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11209 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11183 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11048 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11057 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11188 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11282 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11096 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11175 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11232 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11241 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3155 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-3155
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dwy5-7rms-rkg6 |
|
| 52 |
| url |
VCID-e7p8-zrwx-5ug6 |
| vulnerability_id |
VCID-e7p8-zrwx-5ug6 |
| summary |
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11698 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39234 |
| published_at |
2026-04-16T12:55:00Z |
|
| 1 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.3918 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39198 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39236 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39224 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39208 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39154 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00177 |
| scoring_system |
epss |
| scoring_elements |
0.39212 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47061 |
| published_at |
2026-04-24T12:55:00Z |
|
| 9 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47127 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.0024 |
| scoring_system |
epss |
| scoring_elements |
0.47075 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11698 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-11698
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-e7p8-zrwx-5ug6 |
|
| 53 |
| url |
VCID-ebhp-kzkz-euhu |
| vulnerability_id |
VCID-ebhp-kzkz-euhu |
| summary |
Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29545 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57056 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57024 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57048 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57069 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57058 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57029 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57006 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00344 |
| scoring_system |
epss |
| scoring_elements |
0.57007 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.5866 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58628 |
| published_at |
2026-04-24T12:55:00Z |
|
| 10 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58679 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58684 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29545 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29545
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ebhp-kzkz-euhu |
|
| 54 |
| url |
VCID-efvs-1tuf-guf4 |
| vulnerability_id |
VCID-efvs-1tuf-guf4 |
| summary |
Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4712 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03592 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03584 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03538 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03528 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03572 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.0355 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03549 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03524 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03461 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03449 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03475 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00016 |
| scoring_system |
epss |
| scoring_elements |
0.03499 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-4712 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-4712
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-efvs-1tuf-guf4 |
|
| 55 |
| url |
VCID-f4ja-2ydw-cufu |
| vulnerability_id |
VCID-f4ja-2ydw-cufu |
| summary |
The executable file warning was not presented when downloading .library-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11693 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52333 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52441 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52402 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52415 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52431 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52381 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52386 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52339 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.0029 |
| scoring_system |
epss |
| scoring_elements |
0.52367 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00393 |
| scoring_system |
epss |
| scoring_elements |
0.60312 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00393 |
| scoring_system |
epss |
| scoring_elements |
0.60327 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00393 |
| scoring_system |
epss |
| scoring_elements |
0.60284 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-11693 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-11693
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f4ja-2ydw-cufu |
|
| 56 |
| url |
VCID-f8c7-p8nz-bbap |
| vulnerability_id |
VCID-f8c7-p8nz-bbap |
| summary |
A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29532 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22557 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22642 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22627 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22611 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22685 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22475 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00079 |
| scoring_system |
epss |
| scoring_elements |
0.23453 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00079 |
| scoring_system |
epss |
| scoring_elements |
0.23508 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00085 |
| scoring_system |
epss |
| scoring_elements |
0.24527 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00085 |
| scoring_system |
epss |
| scoring_elements |
0.24471 |
| published_at |
2026-04-24T12:55:00Z |
|
| 10 |
| value |
0.00085 |
| scoring_system |
epss |
| scoring_elements |
0.24552 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00085 |
| scoring_system |
epss |
| scoring_elements |
0.24561 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29532 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29532
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f8c7-p8nz-bbap |
|
| 57 |
| url |
VCID-g2et-bnvt-9fem |
| vulnerability_id |
VCID-g2et-bnvt-9fem |
| summary |
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17021 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64687 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.6467 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64681 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64667 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64553 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64607 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64635 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64593 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64641 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64657 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64674 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64662 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64634 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17021 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-17021
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g2et-bnvt-9fem |
|
| 58 |
| url |
VCID-h4r6-jrxh-6kcf |
| vulnerability_id |
VCID-h4r6-jrxh-6kcf |
| summary |
JIT optimizations involving the Javascript arguments object could confuse later optimizations.
This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15656 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71973 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71932 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71915 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71898 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.7194 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71944 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71929 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71858 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71867 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71886 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71859 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71897 |
| published_at |
2026-04-08T12:55:00Z |
|
| 12 |
| value |
0.00695 |
| scoring_system |
epss |
| scoring_elements |
0.71908 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15656 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15656
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h4r6-jrxh-6kcf |
|
| 59 |
| url |
VCID-hhu1-cgcx-nfev |
| vulnerability_id |
VCID-hhu1-cgcx-nfev |
| summary |
During process shutdown, a document could have caused a use-after-free of a languages service object, leading to memory corruption and a potentially exploitable crash. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38498 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50665 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50623 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50536 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50626 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50572 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50592 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00272 |
| scoring_system |
epss |
| scoring_elements |
0.50619 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.7207 |
| published_at |
2026-04-24T12:55:00Z |
|
| 8 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72008 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.71993 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72034 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72041 |
| published_at |
2026-04-18T12:55:00Z |
|
| 12 |
| value |
0.007 |
| scoring_system |
epss |
| scoring_elements |
0.72026 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38498 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38498
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hhu1-cgcx-nfev |
|
| 60 |
| url |
VCID-j2ax-jb2h-byeu |
| vulnerability_id |
VCID-j2ax-jb2h-byeu |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4052 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39198 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.395 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.3951 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39472 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39455 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39506 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39478 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39393 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39491 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39515 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39429 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39484 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4052 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4052
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ax-jb2h-byeu |
|
| 61 |
| url |
VCID-jebk-6hja-ukfc |
| vulnerability_id |
VCID-jebk-6hja-ukfc |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9402 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31564 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31734 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31764 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31785 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31753 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31789 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31829 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31883 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31796 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31745 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31926 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31826 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9402 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-9402
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-jebk-6hja-ukfc |
|
| 62 |
| url |
VCID-k3ec-bt9r-pkhg |
| vulnerability_id |
VCID-k3ec-bt9r-pkhg |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9397 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44352 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44433 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44502 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44511 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44456 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44486 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.4447 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44455 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44463 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44412 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00218 |
| scoring_system |
epss |
| scoring_elements |
0.44476 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9397 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-9397
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k3ec-bt9r-pkhg |
|
| 63 |
| url |
VCID-kpun-mgtm-5uhd |
| vulnerability_id |
VCID-kpun-mgtm-5uhd |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9399 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49361 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49391 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49395 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49321 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49358 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49304 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49349 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49347 |
| published_at |
2026-04-24T12:55:00Z |
|
| 8 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49345 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49371 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.0026 |
| scoring_system |
epss |
| scoring_elements |
0.49353 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9399 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-9399
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kpun-mgtm-5uhd |
|
| 64 |
| url |
VCID-krg2-d4vy-z7fu |
| vulnerability_id |
VCID-krg2-d4vy-z7fu |
| summary |
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17015 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76187 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76161 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76165 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76148 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76061 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76064 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76096 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76075 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76109 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76122 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76147 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.76123 |
| published_at |
2026-04-12T12:55:00Z |
|
| 12 |
| value |
0.00932 |
| scoring_system |
epss |
| scoring_elements |
0.7612 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17015 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-17015
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-krg2-d4vy-z7fu |
|
| 65 |
| url |
VCID-m92a-91pv-dffv |
| vulnerability_id |
VCID-m92a-91pv-dffv |
| summary |
If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-35112 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67347 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67331 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67351 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67338 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67303 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.6735 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67328 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67228 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67289 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67266 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00532 |
| scoring_system |
epss |
| scoring_elements |
0.67318 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-35112 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-35112
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m92a-91pv-dffv |
|
| 66 |
| url |
VCID-mkyz-6v1k-wyen |
| vulnerability_id |
VCID-mkyz-6v1k-wyen |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29987 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54233 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54249 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54231 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.5421 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54252 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54129 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54147 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54176 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54151 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54203 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.0031 |
| scoring_system |
epss |
| scoring_elements |
0.54199 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29987 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-29987
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mkyz-6v1k-wyen |
|
| 67 |
| url |
VCID-mp4n-ez8p-63ek |
| vulnerability_id |
VCID-mp4n-ez8p-63ek |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28163 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47916 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47933 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47901 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47978 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47984 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47929 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.4792 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47942 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47918 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47923 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47871 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-28163 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-28163
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mp4n-ez8p-63ek |
|
| 68 |
| url |
VCID-mqte-f1hw-2ya5 |
| vulnerability_id |
VCID-mqte-f1hw-2ya5 |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22753 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61406 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61418 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61345 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61435 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61431 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61393 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61412 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61427 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61405 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61374 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.61343 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00411 |
| scoring_system |
epss |
| scoring_elements |
0.6139 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22753 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22753
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mqte-f1hw-2ya5 |
|
| 69 |
| url |
VCID-mup7-wezz-gkgc |
| vulnerability_id |
VCID-mup7-wezz-gkgc |
| summary |
When receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3032 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61159 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61175 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61162 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61143 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61183 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61189 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.6117 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61097 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61125 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61091 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61139 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00407 |
| scoring_system |
epss |
| scoring_elements |
0.61155 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-3032 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-3032
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mup7-wezz-gkgc |
|
| 70 |
| url |
VCID-myv9-89b8-w7dm |
| vulnerability_id |
VCID-myv9-89b8-w7dm |
| summary |
In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the SEE_MASK_FLAG_NO_UI flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won’t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. *Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-5174 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67653 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67654 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.6764 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67608 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67642 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67633 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67531 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67567 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67589 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67618 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.0054 |
| scoring_system |
epss |
| scoring_elements |
0.67632 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-5174 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-5174
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-myv9-89b8-w7dm |
|
| 71 |
| url |
VCID-n8hk-44ah-bugr |
| vulnerability_id |
VCID-n8hk-44ah-bugr |
| summary |
Due to insufficient escaping of the ampersand character in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-4084 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51691 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51704 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5175 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5169 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5165 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.517 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51664 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51739 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51759 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51752 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51711 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51728 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-4084 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-4084
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n8hk-44ah-bugr |
|
| 72 |
| url |
VCID-pmkt-c3bw-zkhz |
| vulnerability_id |
VCID-pmkt-c3bw-zkhz |
| summary |
By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9398 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74237 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74202 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74209 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74121 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74152 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74119 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74147 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74201 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74163 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.7417 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74188 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00806 |
| scoring_system |
epss |
| scoring_elements |
0.74166 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-9398 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-9398
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pmkt-c3bw-zkhz |
|
| 73 |
| url |
VCID-pn68-e9g7-qbf1 |
| vulnerability_id |
VCID-pn68-e9g7-qbf1 |
| summary |
The executable file warning did not warn users before opening files with the terminal extension. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-6426 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12918 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12989 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12968 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.13039 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12839 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00046 |
| scoring_system |
epss |
| scoring_elements |
0.14109 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00046 |
| scoring_system |
epss |
| scoring_elements |
0.13899 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00046 |
| scoring_system |
epss |
| scoring_elements |
0.13908 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00046 |
| scoring_system |
epss |
| scoring_elements |
0.14014 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00046 |
| scoring_system |
epss |
| scoring_elements |
0.14068 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33404 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.00138 |
| scoring_system |
epss |
| scoring_elements |
0.33771 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-6426 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-6426
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pn68-e9g7-qbf1 |
|
| 74 |
| url |
VCID-pst5-367g-h7cs |
| vulnerability_id |
VCID-pst5-367g-h7cs |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8386 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50578 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50627 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50622 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.5058 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50595 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50617 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50543 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.5057 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50523 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50575 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00271 |
| scoring_system |
epss |
| scoring_elements |
0.50605 |
| published_at |
2026-04-21T12:55:00Z |
|
| 11 |
| value |
0.00299 |
| scoring_system |
epss |
| scoring_elements |
0.53285 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8386 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-8386
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pst5-367g-h7cs |
|
| 75 |
| url |
VCID-pv9q-fcta-ffbq |
| vulnerability_id |
VCID-pv9q-fcta-ffbq |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4577 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.2783 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.28067 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.28073 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.2803 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27973 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27981 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27963 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27915 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.28118 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.28161 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.27958 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00102 |
| scoring_system |
epss |
| scoring_elements |
0.28025 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4577 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4577
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pv9q-fcta-ffbq |
|
| 76 |
| url |
VCID-q5ch-b97k-k3hp |
| vulnerability_id |
VCID-q5ch-b97k-k3hp |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29982 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59614 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59621 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59654 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59661 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59645 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59506 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.5958 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59605 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59574 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59625 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59638 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.59658 |
| published_at |
2026-04-11T12:55:00Z |
|
| 12 |
| value |
0.00383 |
| scoring_system |
epss |
| scoring_elements |
0.5964 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29982 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-29982
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q5ch-b97k-k3hp |
|
| 77 |
| url |
VCID-q77k-hc9g-9fhm |
| vulnerability_id |
VCID-q77k-hc9g-9fhm |
| summary |
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain network, grants normal remote users access to start or stop the service. This could be used to prevent the browser update service from operating (if an attacker spammed the 'Stop' command); but also exposed attack surface in the maintenance service.*Note: This issue only affected Windows operating systems older than Win 10 build 1709. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29951 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67318 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67307 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67271 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67306 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67319 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67298 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67198 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67235 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67259 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67236 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.67287 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.673 |
| published_at |
2026-04-09T12:55:00Z |
|
| 12 |
| value |
0.00531 |
| scoring_system |
epss |
| scoring_elements |
0.6732 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29951 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-29951
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q77k-hc9g-9fhm |
|
| 78 |
| url |
VCID-qd97-asaa-2fey |
| vulnerability_id |
VCID-qd97-asaa-2fey |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8385 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51195 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51247 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51269 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51262 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51224 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51164 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51181 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51206 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51238 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51259 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51216 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51219 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8385 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-8385
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qd97-asaa-2fey |
|
| 79 |
| url |
VCID-qhwf-9n5n-hbaa |
| vulnerability_id |
VCID-qhwf-9n5n-hbaa |
| summary |
The code for downloading files did not properly take care of special characters,
which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15658 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65644 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65642 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65627 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65599 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65634 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65647 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65629 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65513 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65562 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65592 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65558 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65611 |
| published_at |
2026-04-08T12:55:00Z |
|
| 12 |
| value |
0.00491 |
| scoring_system |
epss |
| scoring_elements |
0.65623 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15658 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15658
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qhwf-9n5n-hbaa |
|
| 80 |
| url |
VCID-qv7a-3c41-x3cr |
| vulnerability_id |
VCID-qv7a-3c41-x3cr |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38477 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.4189 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41906 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41979 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41961 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41952 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41988 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41939 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41953 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41991 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41967 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00198 |
| scoring_system |
epss |
| scoring_elements |
0.41956 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00211 |
| scoring_system |
epss |
| scoring_elements |
0.43578 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-38477 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-38477
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qv7a-3c41-x3cr |
|
| 81 |
| url |
VCID-rsy6-acfe-ffb5 |
| vulnerability_id |
VCID-rsy6-acfe-ffb5 |
| summary |
The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.*This bug only affects Firefox for Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22744 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63368 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63349 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63302 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63371 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63363 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63329 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63382 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63365 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63347 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.6333 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00443 |
| scoring_system |
epss |
| scoring_elements |
0.63296 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22744 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22744
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rsy6-acfe-ffb5 |
|
| 82 |
| url |
VCID-s3vw-7gyn-ubdt |
| vulnerability_id |
VCID-s3vw-7gyn-ubdt |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-3600 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.3906 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39362 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00178 |
| scoring_system |
epss |
| scoring_elements |
0.39276 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39776 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39832 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39831 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39845 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39854 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39819 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39802 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39852 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39855 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-3600 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-3600
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-s3vw-7gyn-ubdt |
|
| 83 |
| url |
VCID-sjy7-cp3x-nfh2 |
| vulnerability_id |
VCID-sjy7-cp3x-nfh2 |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the
worst of which may allow execution of arbitrary code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12368 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83526 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83475 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83469 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83464 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.835 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83502 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83504 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.834 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83413 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83428 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83427 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83451 |
| published_at |
2026-04-08T12:55:00Z |
|
| 12 |
| value |
0.01952 |
| scoring_system |
epss |
| scoring_elements |
0.83461 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-12368 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-12368
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sjy7-cp3x-nfh2 |
|
| 84 |
| url |
VCID-snbc-j4e3-uff1 |
| vulnerability_id |
VCID-snbc-j4e3-uff1 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4582 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00657 |
| scoring_system |
epss |
| scoring_elements |
0.71103 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00718 |
| scoring_system |
epss |
| scoring_elements |
0.72395 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74014 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.73995 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.73966 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74036 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74051 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74059 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.7405 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74011 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00798 |
| scoring_system |
epss |
| scoring_elements |
0.74018 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4582 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4582
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-snbc-j4e3-uff1 |
|
| 85 |
| url |
VCID-t769-2t1u-57b6 |
| vulnerability_id |
VCID-t769-2t1u-57b6 |
| summary |
Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.*This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38505 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57782 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57784 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57719 |
| published_at |
2026-04-24T12:55:00Z |
|
| 3 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57786 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57757 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57778 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.5776 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.57727 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00354 |
| scoring_system |
epss |
| scoring_elements |
0.578 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63387 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.633 |
| published_at |
2026-04-01T12:55:00Z |
|
| 11 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.6336 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38505 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38505
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t769-2t1u-57b6 |
|
| 86 |
| url |
VCID-t8mb-cdc3-6ydq |
| vulnerability_id |
VCID-t8mb-cdc3-6ydq |
| summary |
Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-6600 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35779 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35495 |
| published_at |
2026-04-24T12:55:00Z |
|
| 2 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.3573 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35791 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.38249 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.38199 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.3819 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.3814 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.38272 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.38158 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.38182 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00169 |
| scoring_system |
epss |
| scoring_elements |
0.38217 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-6600 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-6600
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-t8mb-cdc3-6ydq |
|
| 87 |
| url |
VCID-tfny-yt17-mffx |
| vulnerability_id |
VCID-tfny-yt17-mffx |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4054 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09284 |
| published_at |
2026-04-11T12:55:00Z |
|
| 1 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09242 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09164 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09243 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09281 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09254 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09195 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09319 |
| published_at |
2026-04-24T12:55:00Z |
|
| 8 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.0927 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09114 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.09133 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00032 |
| scoring_system |
epss |
| scoring_elements |
0.0924 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4054 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4054
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tfny-yt17-mffx |
|
| 88 |
| url |
VCID-tjp3-ck7p-5qg3 |
| vulnerability_id |
VCID-tjp3-ck7p-5qg3 |
| summary |
An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-2605 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55039 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55105 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.5506 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.5511 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55061 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55085 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55125 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55084 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55102 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0032 |
| scoring_system |
epss |
| scoring_elements |
0.55122 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-2605 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-2605
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tjp3-ck7p-5qg3 |
|
| 89 |
| url |
VCID-tnxh-tgsm-tuex |
| vulnerability_id |
VCID-tnxh-tgsm-tuex |
| summary |
A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.*This bug only affects Firefox for Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22746 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30799 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30958 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31111 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30992 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31009 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30979 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31024 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31068 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31062 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31158 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.30976 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.0012 |
| scoring_system |
epss |
| scoring_elements |
0.31033 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-22746 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-22746
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tnxh-tgsm-tuex |
|
| 90 |
| url |
VCID-tq43-rx5u-eybv |
| vulnerability_id |
VCID-tq43-rx5u-eybv |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4583 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35007 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35053 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34933 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34978 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35011 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.35026 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34701 |
| published_at |
2026-04-24T12:55:00Z |
|
| 7 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34931 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34974 |
| published_at |
2026-04-18T12:55:00Z |
|
| 9 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.3499 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34951 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00146 |
| scoring_system |
epss |
| scoring_elements |
0.34975 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4583 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4583
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tq43-rx5u-eybv |
|
| 91 |
| url |
VCID-u5n5-6h82-tqhw |
| vulnerability_id |
VCID-u5n5-6h82-tqhw |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-25734 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39233 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39428 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39526 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39513 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39541 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39491 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39508 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39546 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39535 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39465 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39519 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00179 |
| scoring_system |
epss |
| scoring_elements |
0.39549 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-25734 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-25734
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u5n5-6h82-tqhw |
|
| 92 |
| url |
VCID-urpr-qse2-7kcf |
| vulnerability_id |
VCID-urpr-qse2-7kcf |
| summary |
Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26966 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63425 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63386 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63421 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63428 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63407 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.633 |
| published_at |
2026-04-01T12:55:00Z |
|
| 6 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.6336 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63387 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63352 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63404 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63422 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00444 |
| scoring_system |
epss |
| scoring_elements |
0.63439 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-26966 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-26966
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-urpr-qse2-7kcf |
|
| 93 |
| url |
VCID-uuc6-a3xx-6khk |
| vulnerability_id |
VCID-uuc6-a3xx-6khk |
| summary |
Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9801 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58743 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58792 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58797 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58775 |
| published_at |
2026-04-21T12:55:00Z |
|
| 4 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58647 |
| published_at |
2026-04-01T12:55:00Z |
|
| 5 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58731 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58752 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.5872 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58772 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58779 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58798 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00368 |
| scoring_system |
epss |
| scoring_elements |
0.58759 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-9801 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-9801
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uuc6-a3xx-6khk |
|
| 94 |
| url |
VCID-v9ua-1tey-cyaa |
| vulnerability_id |
VCID-v9ua-1tey-cyaa |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-46875 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34404 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34412 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34485 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34483 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34454 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34545 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34517 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34442 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34457 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34422 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00142 |
| scoring_system |
epss |
| scoring_elements |
0.34446 |
| published_at |
2026-04-12T12:55:00Z |
|
| 11 |
| value |
0.00151 |
| scoring_system |
epss |
| scoring_elements |
0.35495 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-46875 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-46875
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-v9ua-1tey-cyaa |
|
| 95 |
| url |
VCID-vtjf-sufh-p3h4 |
| vulnerability_id |
VCID-vtjf-sufh-p3h4 |
| summary |
crossbeam-deque Data Race before v0.7.4 and v0.8.1
### Impact
In the affected version of this crate, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, this still can cause a logical bug.
Crates using `Stealer::steal`, `Stealer::steal_batch`, or `Stealer::steal_batch_and_pop` are affected by this issue.
### Patches
This has been fixed in crossbeam-deque 0.8.1 and 0.7.4.
### Credits
This issue was reported and fixed by Maor Kleinberger.
### License
This advisory is in the public domain. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-32810 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.7777 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.77847 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.7782 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.77815 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.77787 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.77804 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.01079 |
| scoring_system |
epss |
| scoring_elements |
0.77777 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.01094 |
| scoring_system |
epss |
| scoring_elements |
0.78013 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.01094 |
| scoring_system |
epss |
| scoring_elements |
0.7798 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.01094 |
| scoring_system |
epss |
| scoring_elements |
0.77979 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.01094 |
| scoring_system |
epss |
| scoring_elements |
0.78038 |
| published_at |
2026-04-24T12:55:00Z |
|
| 11 |
| value |
0.01094 |
| scoring_system |
epss |
| scoring_elements |
0.78006 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-32810 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
|
| 49 |
|
| 50 |
|
| 51 |
|
| 52 |
|
| 53 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-32810, GHSA-pqqp-xmhj-wgcw
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vtjf-sufh-p3h4 |
|
| 96 |
| url |
VCID-vun4-z8ju-gbbc |
| vulnerability_id |
VCID-vun4-z8ju-gbbc |
| summary |
If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with administrative privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with system privileges.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15663 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82205 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82137 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82156 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82147 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82141 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82179 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82182 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82074 |
| published_at |
2026-04-01T12:55:00Z |
|
| 8 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82086 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82107 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.82103 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.01674 |
| scoring_system |
epss |
| scoring_elements |
0.8213 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15663 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15663
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vun4-z8ju-gbbc |
|
| 97 |
| url |
VCID-vw4n-4r41-ukbp |
| vulnerability_id |
VCID-vw4n-4r41-ukbp |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5727 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43666 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43716 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43767 |
| published_at |
2026-04-08T12:55:00Z |
|
| 3 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43771 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43791 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43742 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43804 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43795 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43728 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43758 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00212 |
| scoring_system |
epss |
| scoring_elements |
0.43783 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5727 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-5727
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vw4n-4r41-ukbp |
|
| 98 |
| url |
VCID-vzg5-b77s-g3ft |
| vulnerability_id |
VCID-vzg5-b77s-g3ft |
| summary |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-34478 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35086 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.3532 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35422 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35373 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35384 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35345 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35367 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35403 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35401 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35446 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.3533 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00148 |
| scoring_system |
epss |
| scoring_elements |
0.35377 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-34478 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-34478
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vzg5-b77s-g3ft |
|
| 99 |
| url |
VCID-wk26-kc1d-9qcy |
| vulnerability_id |
VCID-wk26-kc1d-9qcy |
| summary |
Firefox could be made to load attacker-supplied DLL files from the installation directory.
This required an attacker that is already capable of placing files in the installation directory.
*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15657 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.41904 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42013 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42062 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42035 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.41965 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42026 |
| published_at |
2026-04-02T12:55:00Z |
|
| 6 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42055 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.41992 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42042 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42054 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42076 |
| published_at |
2026-04-11T12:55:00Z |
|
| 11 |
| value |
0.00199 |
| scoring_system |
epss |
| scoring_elements |
0.42037 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-15657 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-15657
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wk26-kc1d-9qcy |
|
| 100 |
| url |
VCID-wzxk-316c-xqcg |
| vulnerability_id |
VCID-wzxk-316c-xqcg |
| summary |
When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.*This bug only affects Firefox for Windows. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-31739 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64996 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64976 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64992 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.6491 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64981 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64944 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64972 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64982 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64964 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.6495 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.64937 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00477 |
| scoring_system |
epss |
| scoring_elements |
0.649 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-31739 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-31739
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wzxk-316c-xqcg |
|
| 101 |
| url |
VCID-x8sj-apw2-e3h6 |
| vulnerability_id |
VCID-x8sj-apw2-e3h6 |
| summary |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29981 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63435 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.6345 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63433 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63398 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63439 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63417 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.6331 |
| published_at |
2026-04-01T12:55:00Z |
|
| 7 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.6337 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63397 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63363 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63415 |
| published_at |
2026-04-08T12:55:00Z |
|
| 11 |
| value |
0.00445 |
| scoring_system |
epss |
| scoring_elements |
0.63432 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29981 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-29981
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x8sj-apw2-e3h6 |
|
| 102 |
| url |
VCID-xrg1-azru-5qf1 |
| vulnerability_id |
VCID-xrg1-azru-5qf1 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4051 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34193 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34205 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34269 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34172 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34196 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34236 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34207 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34165 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.0014 |
| scoring_system |
epss |
| scoring_elements |
0.34301 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.36232 |
| published_at |
2026-04-24T12:55:00Z |
|
| 10 |
| value |
0.00157 |
| scoring_system |
epss |
| scoring_elements |
0.3646 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4051 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4051
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xrg1-azru-5qf1 |
|
| 103 |
| url |
VCID-yfmg-82tr-gfec |
| vulnerability_id |
VCID-yfmg-82tr-gfec |
| summary |
The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38510 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64446 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64462 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64492 |
| published_at |
2026-04-24T12:55:00Z |
|
| 3 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64479 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64467 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64433 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64472 |
| published_at |
2026-04-21T12:55:00Z |
|
| 7 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64398 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00467 |
| scoring_system |
epss |
| scoring_elements |
0.64474 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64564 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64482 |
| published_at |
2026-04-01T12:55:00Z |
|
| 11 |
| value |
0.0047 |
| scoring_system |
epss |
| scoring_elements |
0.64535 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-38510 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-38510
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yfmg-82tr-gfec |
|
| 104 |
| url |
VCID-ygrd-4scr-wkau |
| vulnerability_id |
VCID-ygrd-4scr-wkau |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4053 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34567 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34884 |
| published_at |
2026-04-09T12:55:00Z |
|
| 2 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34887 |
| published_at |
2026-04-11T12:55:00Z |
|
| 3 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.3485 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34826 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34865 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34849 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34805 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34904 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34931 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.3481 |
| published_at |
2026-04-07T12:55:00Z |
|
| 11 |
| value |
0.00145 |
| scoring_system |
epss |
| scoring_elements |
0.34855 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-4053 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-4053
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ygrd-4scr-wkau |
|
| 105 |
| url |
VCID-yust-3g8v-muas |
| vulnerability_id |
VCID-yust-3g8v-muas |
| summary |
The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.* |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3863 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.566 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56663 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56664 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56642 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56643 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56691 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56693 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56662 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56683 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56708 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56699 |
| published_at |
2026-04-09T12:55:00Z |
|
| 11 |
| value |
0.00338 |
| scoring_system |
epss |
| scoring_elements |
0.56695 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3863 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-3863
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yust-3g8v-muas |
|
| 106 |
| url |
VCID-z23q-ts2f-17a3 |
| vulnerability_id |
VCID-z23q-ts2f-17a3 |
| summary |
Normally Mozilla-based clients prevent web content from linking to local files
but Eric Foley reports a partial bypass of this restriction by using Windows
filename syntax (on a Windows computer) rather than a file:/// URL as the
SRC= attribute. The image will not be loaded on the web page--it will appear as
a broken image--but if a user can be convinced to right-click and select
"View Image" then the content will be loaded. Since the image will replace
the current document attacker script cannot be run on it. Loading a local
file at a known location is about the extent of this attack.If the local file is a media file an external helper program may be launched
to play the media depending on your settings. The action will be the same
as if you had clicked on a remote link of the same media type and does not
present any additional risk. Local files identified as executable will
never be opened in this way, with "executable" broadly
defined on windows to include many scriptable document formats with a history
of being abused.By referencing a local device rather than a file this could be used
as a limited denial-of-service attack to hang the browser. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1942 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.8647 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86371 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86381 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86398 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.864 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86419 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86429 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86443 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86442 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86436 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86453 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86457 |
| published_at |
2026-04-18T12:55:00Z |
|
| 12 |
| value |
0.0294 |
| scoring_system |
epss |
| scoring_elements |
0.86451 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2006-1942 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2006-1942
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z23q-ts2f-17a3 |
|
| 107 |
| url |
VCID-zdbt-zhtq-xfhj |
| vulnerability_id |
VCID-zdbt-zhtq-xfhj |
| summary |
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect Firefox running on other operating systems. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-11713 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11193 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11255 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11124 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11313 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11122 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11374 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11258 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11178 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11259 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11286 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11319 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-11713 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-11713
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zdbt-zhtq-xfhj |
|
| 108 |
| url |
VCID-zjn8-79ab-tqd3 |
| vulnerability_id |
VCID-zjn8-79ab-tqd3 |
| summary |
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5726 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.385 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38753 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38764 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38776 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38739 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38712 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38758 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38736 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38657 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38752 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38774 |
| published_at |
2026-04-04T12:55:00Z |
|
| 11 |
| value |
0.00173 |
| scoring_system |
epss |
| scoring_elements |
0.38703 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-5726 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-5726
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zjn8-79ab-tqd3 |
|