Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active attack. Of the 138 flaws, 30 are rated Critical, 104 are rated Important, three are rated Moderate, and one is rated Low ...

Astra Linux - уязвимость в firefox, thunderbird

Memory safety bugs exist in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability has...

MiracleLinux 9 : gcc-toolset-15-binutils-2.44-3.el9_7.1 (AXSA:2026-138:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-138:01 advisory. binutils: GNU Binutils Linker heap-based overflow CVE-2025-11083 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Linux Distros Unpatched Vulnerability : CVE-2025-4086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog...

Linux Distros Unpatched Vulnerability : CVE-2025-4090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability was fixed in Firefox...

MiracleLinux 7 : tomcat-7.0.76-12.el7 (AXSA:2020-138:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-138:02 advisory. tomcat: deserialization flaw in session persistence storage leading to RCE CVE-2020-9484 Tenable has extracted the preceding description block directly from t...

MiracleLinux 3 : systemtap-0.9.7-5.3.0.1.AXS3 (AXSA:2010-138:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-138:01 advisory. SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the...

TencentOS Server 3: firefox (TSSA-2025:0461)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0461 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987421)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987421 advisory. Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and w...

Linux Distros Unpatched Vulnerability : CVE-2025-4085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. Thi...

Linux Distros Unpatched Vulnerability : CVE-2025-5268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption...

Linux Distros Unpatched Vulnerability : CVE-2025-4091

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption an...

Linux Distros Unpatched Vulnerability : CVE-2025-4089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to insufficient escaping of special characters in the copy as cURL feature, an attacker could trick a user into using this command, potentially leading to...

OPENSUSE-SU-2025:15399-1 chromedriver-138.0.7204.183-1.1 on GA media

These are all security issues fixed in the chromedriver-138.0.7204.183-1.1 package on the GA media of openSUSE Tumbleweed...

DEBIAN-CVE-2025-8011

Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

[SECURITY] Fedora 42 Update: cef-138.0.25^chromium138.0.7204.157-1.fc42

CEF is an embeddable build of Chromium, powered by WebKit Blink...

CVE-2025-7656

Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Vulnerability fixed in Google Chrome

Google has fixed a vulnerability in Google Chrome Specifically for versions prior to 138.0.7204.96. The vulnerability is located in Google Chrome's V8 engine and is classified as a high severity confusion type vulnerability. This allows attackers to perform arbitrary read/write operations through...

CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

SUSE CVE-2025-5272

Memory safety bugs present in Firefox 138 and Thunderbird 138. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 139 and Thunderbird 139...