MINI-6429-9HCQ-W95V

Bulletin has no description...

CVE-2026-6429

When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...

SUSE CVE-2026-6429

When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to host under certain circumstances...

CVE-2026-6429

creationtimestamp| type| source ---|---|--- 2026-04-29 07:10:54+00:00| seen| https://mastodon.social/users/bagder/statuses/116486743707813679 2026-04-29 07:11:04+00:00| seen| https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3mkmkagqvtir2 2026-04-29 07:16:06+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-6429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When asked to both use a .netrc file for credentials and to follow HTTP redirects, libcurl could leak the password used for the first host to the followed-to ho...

MiracleLinux 8 : firefox-128.12.0-1.el8_10.ML.1 (AXSA:2025-10425:20)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10425:20 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

TencentOS Server 4: firefox (TSSA-2025:0510)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0510 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

RockyLinux 10 : firefox (RLSA-2025:10073)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10073 advisory. firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet...

org.wso2.identity.apps:org.wso2.identity.apps.authentication.portal.server.feature (>=0.1.125 <=2.23.2) potentially affected by CVE-2024-6429 via org.wso2.identity.apps:authentication-portal (>=0.1.125 <=2.4.39)

org.wso2.identity.apps:authentication-portal MAVEN version =0.1.125, =0.1.125, =2.23.2 Source cves: CVE-2024-6429 Source advisory: OSV:GHSA-R6F3-55WJ-G9P3...

CVE-2024-6429

A content spoofing vulnerability exists in multiple WSO2 products due to improper error message handling. Under certain conditions, error messages are passed through URL parameters without validation, allowing malicious actors to inject arbitrary content into the UI. By exploiting this...

CVE-2024-6429

creationtimestamp| type| source ---|---|--- 2025-09-23 16:49:44+00:00| seen| Telegram/eD0dhT5XqVZD5Z6KwdKqTb3qyyxMuq26339ARlqNj3YYSA...

Mageia: Security Advisory (MGASA-2025-0228)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-6429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:02368-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02368-1 advisory. Update to Mozilla Thunderbird 128.12 MFSA 2025-55, bsc1244670: - CVE-2025-6424: Use-after-free ...

Oracle Linux 7 : firefox (ELSA-2025-10181)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2025-10181 advisory. 128.12.0-1.0.1 - Update to 128.12.0 Orabug: 38141310CVE-2025-6424CVE-2025-6425 CVE-2025-6429CVE-2025-6430 Tenable has extracted the preceding...

firefox security update

128.12.0-1.0.1 - Update to 128.12.0 Orabug: 38141310CVE-2025-6424CVE-2025-6425 CVE-2025-6429CVE-2025-6430...

Amazon Linux 2023 : firefox (ALAS2023-2025-1055)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1055 advisory. A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox or tag, potentially making a website vulnerable to a cross- site scripting attac...

OESA-2025-1717 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

Mageia: Security Advisory (MGASA-2025-0201)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Thunderbird < 128.12

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-55 advisory. - The executable file warning did not warn users before opening files with the terminal extension. This b...