CVE-2025-21120
Published 2025-08-04
Priority: P338 · medium · 6.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.26% (17.8th percentile)
Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | avamar | — | — |
| dell | avamar | — | — |
| dell | avamar | — | — |
| dell | avamar | — | — |
| dell | avamar | — | — |
| dell | avamar | — | — |
| dell | avamar_server | >= 19.8 through 19.10 < 19.10 SP1 with CHF 338904 or later | 19.10 SP1 with CHF 338904 or later |
| dell | avamar_virtual_edition | >= 19.8 through 19.10 < 19.10 SP1 with CHF 338904 or later | 19.10 SP1 with CHF 338904 or later |
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2025-13012 [HIGH] firefox: thunderbird: Race condition in the Graphics component
bugzilla · 2025-11-11 · CVSS 7.5
Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, and Firefox ESR < 115.30.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10.0 Extended Update Support
Via RHSA-2025:21120 https://access.redhat.com/errata/RHSA-2025:21120
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.6 Extended Update Support
Via RHSA-2025:21121 https://access.redhat.com/errata/RHSA-2025:21121
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2025:21281 https://access.redhat.com/errata/RHSA-2025:21281
---
This issue has been addressed in the fo
Bugzilla
CVE-2025-13017 [HIGH] firefox: thunderbird: Same-origin policy bypass in the DOM: Notifications component
bugzilla · 2025-11-11 · CVSS 8.1
Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145 and Firefox ESR < 140.5.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10.0 Extended Update Support
Via RHSA-2025:21120 https://access.redhat.com/errata/RHSA-2025:21120
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.6 Extended Update Support
Via RHSA-2025:21121 https://access.redhat.com/errata/RHSA-2025:21121
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2025:21281 https://access.redhat.com/errata/RHSA-2025:21281
---
This issue has been
Bugzilla
CVE-2025-13018 [HIGH] firefox: thunderbird: Mitigation bypass in the DOM: Security component
bugzilla · 2025-11-11 · CVSS 8.1
Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145 and Firefox ESR < 140.5.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10.0 Extended Update Support
Via RHSA-2025:21120 https://access.redhat.com/errata/RHSA-2025:21120
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9.6 Extended Update Support
Via RHSA-2025:21121 https://access.redhat.com/errata/RHSA-2025:21121
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2025:21281 https://access.redhat.com/errata/RHSA-2025:21281
---
This issue has been addressed in the following