Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-14345
A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction coordination logic to misinterpret the transaction as committed, resulting in inconsistent state on those shards. This may lead to low integrity and availability impact. This issue impacts MongoDB Server v8.0 versions prior to 8.0.16, MongoDB Server v7.0 versions prior to 7.0.26 and MongoDB server v8.2 versions prior to 8.2.2.
CVSS Score
4.2
EPSS Score
0.001
Published
2025-12-09
CVE-2025-14325
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-12-09
CVE-2025-14326
Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-09
CVE-2025-14327
Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox < 146, Thunderbird < 146, Firefox ESR < 140.7, and Thunderbird < 140.7.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-09
CVE-2025-14328
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-12-09
CVE-2025-14329
Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS Score
8.8
EPSS Score
0.0
Published
2025-12-09
CVE-2025-14330
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-12-09
CVE-2025-14331
Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-09
CVE-2025-14332
Memory safety bugs present in Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Thunderbird < 146.
CVSS Score
7.3
EPSS Score
0.001
Published
2025-12-09
CVE-2025-14333
Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-12-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved