firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume th...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som...

Astra Linux - уязвимость в chromium

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume th...

KLA91061 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in the Audio/Video: Web...

Astra Linux - уязвимость в firefox, thunderbird

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a or tag. This could potentially make a website vulnerable to a cross-site scripting attack. This vulnerability has been fixed in Firefox 140, Firefox ESR 128.12,...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 139 and Thunderbird 139. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 140 and Thunderbird...

Astra Linux - уязвимость в firefox

Memory safety bugs exist in Firefox 140 and Thunderbird 140. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 141 and Thunderbird...

Astra Linux - уязвимость в firefox

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

Astra Linux - уязвимость в firefox, thunderbird

Uninitialized memory in the JavaScript Engine component. This vulnerability was fixed in Firefox 142, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...

Astra Linux - уязвимость в chromium

Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

KLA91015 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in the Audio/Video...

CVE-2026-6747

Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

Mozilla多款产品 安全漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

DEBIAN-CVE-2026-5732

Incorrect boundary conditions, integer overflow in the Graphics: Text component. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1...

OESA-2026-1451 libvpx security update

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide. Security Fixes: Heap buffer overflow vulnerability exists in libvpx component...

CVE-2026-2447

Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...

CVE-2026-0818 CSS-based exfiltration of the content from partially encrypted emails when allowing remote content

When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If...

CVE-2026-0818

CVE-2026-0818 concerns Thunderbird where decrypting an inline OpenPGP message embedded in HTML/CSS could render in a context with outer email CSS, potentially enabling exfiltration of secret content if remote content is allowed. Affected versions: Thunderbird < 147.0.1 and Thunderbird

MiracleLinux 7 : rh-php56-php-5.6.5-8.el7 (AXSA:2016-140:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-140:02 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers...