Exploit for Improper Input Validation in Alibaba Fastjson

Lab 6-CVE-2017-18349 I. SYSTEM ANALYSIS Attack S...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Other issue in the WebRTC component CVE-2026-8094 firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2...

OESA-2026-2352 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

OESA-2026-2351 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

OESA-2026-2350 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

CVE-2026-42283

DevSpace UI server WebSocket checks pre-6.3.21 allowed cross-origin connections by default, exposing endpoints via ws://127.0.0.1:8090. A malicious site could trigger a cross-origin WebSocket from the user’s browser to access sensitive endpoints such as /api/logs, /api/enter, and /api/command, en...

DevSpace 信息泄露漏洞

DevSpace is a client developer tool for cloud-native development using Kubernetes, developed by DevSpace Inc. Versions prior to DevSpace 6.3.21 contained an information leakage vulnerability. This vulnerability stemmed from the UI server’s WebSocket feature, which accepts connections from all...

Debian dla-4582 : thunderbird - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4582 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4582-1 [email protected]...

CVE-2026-8090

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Networking component...

SUSE CVE-2026-8090

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2...

Mozilla Thunderbird < 150.0.2

The version of Thunderbird installed on the remote Windows host is prior to 150.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-43 advisory. - Memory safety bugs present in Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and w...

Mozilla Thunderbird < 150.0.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 150.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-43 advisory. - Memory safety bugs present in Thunderbird 150.0.1. Some of these bugs showed evidence of memory...

DEBIAN-CVE-2026-8090

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2...

CVE-2026-8090

Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, and Firefox ESR 115.35.2...

Linux Distros Unpatched Vulnerability : CVE-2026-8090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0....

KLA91024 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in the DOM: Networking component can be exploited...

CVE-2025-8090

Null pointer dereference in the MsgRegisterEvent system call could allow an attacker with local access and code execution abilities to crash the QNX Neutrino kernel...

CVE-2025-8090

creationtimestamp| type| source ---|---|--- 2026-01-13 17:52:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcd4oott2o2c...

CVE-2025-8090

CVE-2025-8090 describes a null pointer dereference in the MsgRegisterEvent() system call of the QNX Neutrino Kernel . Public details in connected sources indicate vulnerability within QNX SDP 7.1/7.0 and QNX OS for Safety 2.0–2.2, with an attacker able to gain local access and code execution to c...