Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-41, MFSA 2026-48 bsc1265212, bsc1264378: CVE-2026-8090: Use-after-free in the DOM: Networking component. CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2,...

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

firefox: thunderbird: Sandbox escape in the Profile Backup component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the Profile Backup component...

CVE-2026-8401

Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

CVE-2026-8401

Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

CVE-2026-8401 Sandbox escape in the Profile Backup component

Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

PT-2026-40046

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 150.0.3 Firefox ESR versions prior to 115.36 Firefox ESR versions prior to 140.11 Description A sandbox escape exists in the Profile Backup component. A sandbox is a security mechanism for separating running programs,...

CVE-2026-2627

A security flaw has been discovered in Softland FBackup up to 9.9. This impacts an unknown function in the library C:\Program Files\Common Files\microsoft shared\ink\HID.dll of the component Backup/Restore. The manipulation results in link following. The attack needs to be approached locally. The...

CVE-2023-49341

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-IIGV1.00.011, allows remote attackers to obtain sensitive information via cleartext credential storage in backup.htm component...

CVE-2023-50017

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/database/backup...

Design/Logic Flaw

An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to execute arbitrary code via the /files/backup/ component...

PT-2024-19634 · Zkteco · Zkteco Zkbio Wdms

Name of the Vulnerable Software and Affected Versions: zkteco zkbio WDMS version 8.0.5 Description: An issue in the software allows an attacker to execute arbitrary code via the "/files/backup/" component. Recommendations: For zkteco zkbio WDMS version 8.0.5, consider restricting access to the...

Directory traversal

Directory Traversal vulnerability in flusity CMS v.2.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via the downloadbackup.php component...

PT-2023-31456 · Unknown · Dreamer Cms

Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /admin/database/backup component. This allows for unauthorized actions to be performed on the system. Recommendations: For Dreamer CMS...

Joomla Akeeba Backup 6.3.3 Database Disclosure

Exploit Title : Joomla Akeeba Backup Components 6.3.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 19/01/2019 Vendor Homepage : akeebabackup.com Software Information Link : extensions.joomla.org/extension/akeeba-backup/ Software Download...

CVE-2016-0898

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM...

Apple iOS MobileBackup Backup Encryption Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices, and MobileBackup is one of the system backup components. A security vulnerability exists in the MobileBackup component in Apple iOS versions prior to 11. The vulnerability can be exploited by a remote attacker to read an...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect integrity via unknown vectors...