TencentOS Server 4: firefox (TSSA-2025:0712)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0712 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

OESA-2025-2595 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141...

OESA-2025-2593 firefox security update

Security Fixes: If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from differen...

OESA-2025-2592 firefox security update

Security Fixes: If temporary one-time permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from differen...

RLSA-2025:14416 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid point...

RockyLinux 9 : firefox (RLSA-2025:14416)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:14416 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due...

RLSA-2025:14417 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid point...

Oracle Linux 7 : firefox (ELSA-2025-15430)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-15430 advisory. 128.14.0-2.0.1 - Update to 128.14.0 Orabug: 38400668CVE-2025-9179CVE-2025-9180 CVE-2025-9181CVE-2025-9182CVE-2025-9185 Tenable has extracted the...

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2025-042 (ALASFIREFOX-2025-042)

The version of firefox installed on the remote host is prior to 140.2.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-042 advisory. Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo:...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

firefox security update

An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

RHEL 8 : thunderbird (RHSA-2025:15437)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:15437 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory...

RHEL 9 : thunderbird (RHSA-2025:15434)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:15434 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory...

Mageia: Security Advisory (MGASA-2025-0227)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2025-0227 Updated rootcerts, nspr, nss & firefox packages fix vulnerabilities

JavaScript engine only wrote partial return value to stack. CVE-2025-8027 Large branch table could lead to truncated instruction. CVE-2025-8028 Javascript: URLs executed on object and embed tags. CVE-2025-8029 Potential user-assisted code execution in “Copy as cURL” command. CVE-2025-8030 Incorre...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:03007-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03007-1 advisory. Updated to Mozilla Thunderbird 140.2 MFSA 2025-72 bsc1248162: CVE-2025-9179: Sandbox escape due...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.2.0 ESR MFSA 2025-67 bsc1248162 CVE-2025-9179 bmo1979527: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-9180 bmo1979782: Same-origin policy bypass in the Graphics:...