Jenkins Job Import Plugin 安全漏洞

The Jenkins Job Import Plugin is an open-source plugin for Jenkins that allows the import and migration of Jenkins tasks. The Jenkins Job Import Plugin versions 143.v044a2e819b27 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of permission checks at the HTT...

Astra Linux - уязвимость в firefox

Spoofing issue in the Site Permissions component. This vulnerability has been fixed in Firefox 143 and Thunderbird 143...

Astra Linux - уязвимость в firefox, thunderbird

Integer overflow in the SVG component. This vulnerability was fixed in Firefox 143, Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

Astra Linux - уязвимость в firefox, thunderbird

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

Astra Linux - уязвимость в firefox

Mitigation bypass in Web Compatibility: Tooling component. This vulnerability has been fixed in Firefox 143 and Thunderbird 143...

Astra Linux - уязвимость в firefox

A memory safety bug exists in Firefox 143 and Thunderbird 143. This bug exhibited signs of memory corruption, and we assume that with sufficient effort, this could have been exploited to execute arbitrary code. This vulnerability has been fixed in Firefox 144 and Thunderbird 144...

MiracleLinux 8 : osbuild-composer-101.4-2.el8_10.ML.1 (AXSA:2026-143:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-143:02 advisory. golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 Tenable has extracted the preceding description block directly from the...

EUVD-2025-206007

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through 1.2.4...

[SECURITY] Fedora 43 Update: chromium-143.0.7499.146-1.fc43

Chromium is an open-source web browser, powered by WebKit Blink...

[SECURITY] Fedora 43 Update: chromium-143.0.7499.109-2.fc43

Chromium is an open-source web browser, powered by WebKit Blink...

Fedora 42 : chromium (2025-a315866a59)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a315866a59 advisory. Update to 143.0.7499.109 High: Under coordination Medium CVE-2025-14372: Use after free in Password Manager Medium CVE-2025-14373: Inappropriate...

EUVD-2025-200295

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13633

Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-13720

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-13639

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13632

Inappropriate implementation in DevTools in Google Chrome prior to 143.0.7499.41 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome prior to version 143.0.7499.41, which stems from an improper implementation of WebRTC and could allow a remote attacker to arbitrarily read or write through specially crafted HTML pages...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 143 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 143.0.7499.40 Linux 143.0.7499.40/41 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...

thunderbird: firefox: Memory safety bugs

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corrupti...

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 140.4, Thunderbird ESR 140.4, Firefox 144 and Thunderbird 144

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume th...