Astra Linux - уязвимость в thunderbird

An attacker could create a malicious link that uses bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox 117, Firefox ESR 115.4, and Thunderbird 115.4.1...

CVE-2026-7993

Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-5880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoo...

MiracleLinux 7 : firefox-102.11.0-2.0.1.el7.AXS7 (AXSA:2023-5464:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5464:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

MiracleLinux 9 : firefox-102.11.0-2.el9.ML.1 (AXSA:2023-6024:19)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6024:19 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

MiracleLinux 8 : thunderbird-102.11.0-1.el8.ML.1 (AXSA:2023-6153:18)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6153:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...

Linux Distros Unpatched Vulnerability : CVE-2017-2486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. The issue involves the WebKit component. It allo...

SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2025:03008-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03008-1 advisory. - Firefox Extended Support Release 140.2.0 ESR MFSA 2025-67 bsc1248162 CVE-2025-9179 bmo1979527...

Mozilla: Phishing site popup could show local origin in address bar

The Mozilla Foundation Security Advisory describes this flaw as: A phishing site could have repurposed an about: dialog to show phishing content with an incorrect origin in the address bar...

CVE-2023-5732

An attacker could have created a malicious link using bidirectional characters to spoof the location in the address bar when visited. This vulnerability affects Firefox 117, Firefox ESR 115.4, and Thunderbird 115.4.1...

RHEL 8 : thunderbird (RHSA-2023:3221)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3221 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Security Fixes: Mozilla...

RHEL 9 : firefox (RHSA-2023:3143)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3143 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Mozilla: Potential spoof due to obscured address bar

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have positioned a datalist element to obscure the address bar...

Mozilla: Potential spoof due to obscured address bar

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have positioned a datalist element to obscure the address bar...

Updated thunderbird packages fix security vulnerability

Browser prompts could have been obscured by popups. CVE-2023-32205 Crash in RLBox Expat driver. CVE-2023-32206 Potential permissions request bypass via clickjacking. CVE-2023-32207 Content process crash due to invalid wasm code. CVE-2023-32211 Potential spoof due to obscured address bar...

Mozilla: Potential spoof due to obscured address bar

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could have positioned a datalist element to obscure the address bar...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE CVE-2012-1950

The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load...

SUSE CVE-2016-1942

Mozilla Firefox before 44.0 allows user-assisted remote attackers to spoof a trailing substring in the address bar by leveraging a user's paste of a 1 wyciwyg: URI or 2 resource: URI...

SUSE CVE-2016-1965

Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle a navigation sequence that returns to the original page, which allows remote attackers to spoof the address bar via vectors involving the history.back method and the location.protocol property...