firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corrupti...

Security Bulletin: A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798]

Summary A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798 Vulnerability Details CVEID:CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java...

Security Bulletin: Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225]

Summary Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225 Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core up to and...

CVE-2025-70038

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code...

GHSA-9C4H-PWMF-M6FJ RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface

Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...

PT-2026-24393

Name of the Vulnerable Software and Affected Versions Substance3D - Stager versions 3.1.7 and earlier Description Substance3D - Stager versions 3.1.7 and earlier are susceptible to a Use After Free issue, potentially leading to arbitrary code execution with the privileges of the current user...

D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability

D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...

Adobe Premiere Pro 缓冲区错误漏洞

Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. Adobe Premiere Pro suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute arbitrary code on the system...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute under current...

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause arbitrary code to be executed in the...

Adobe Substance3D Stager 资源管理错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a resource management vulnerability. This vulnerability stems from the reuse of resources after their release, potentially allowing arbitra...

Siemens COMOS has multiple vulnerabilities

COMOS is a unified data platform for collaborative plant design, operations and management that supports the collection, processing, retention and distribution of information throughout the plant lifecycle. Siemens COMOS has multiple vulnerabilities that can be exploited by attackers to execute...

PT-2026-24213

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148.0.2 Description Memory safety bugs were identified in Firefox 148.0.2. These bugs demonstrate evidence of memory corruption, and it is presumed that, with sufficient effort, they could potentially be exploited to...

Adobe Illustrator 代码问题漏洞

Adobe Illustrator is a vector-based image creation software developed by Adobe Inc. Versions 29.8.4, 30.1, and earlier of Adobe Illustrator have code vulnerabilities. These vulnerabilities stem from untrusted search paths, which may allow arbitrary code to be executed in the current user...

PT-2026-24390

Name of the Vulnerable Software and Affected Versions Substance3D - Stager versions 3.1.7 and earlier Description Substance3D - Stager versions 3.1.7 and earlier are susceptible to an out-of-bounds write issue. Successful exploitation of this issue could lead to arbitrary code execution with the...

Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

Adobe Substance3D Stager 缓冲区错误漏洞

Adobe Substance3D Stager is a 3D scene modeling and rendering software developed by Adobe Inc. Versions of Adobe Substance3D Stager 3.1.7 and earlier contain a buffer error vulnerability. This vulnerability stems from out-of-bounds writing, which may allow arbitrary code to execute under current...

Adobe Acrobat Reader 资源管理错误漏洞

Adobe Acrobat Reader is a PDF viewer developed by Adobe Inc. This software is used for printing, signing, and annotating PDF documents. Versions of Adobe Acrobat Reader such as 24.001.30307, 24.001.30308, 25.001.21265, and earlier versions have a resource management vulnerability. This...

PT-2026-24500

Name of the Vulnerable Software and Affected Versions Illustrator versions 29.8.4 and earlier Illustrator version 30.1 Description The software contains an out-of-bounds write issue that may allow for arbitrary code execution with the privileges of the current user. Successful exploitation requir...