
1109 matches found

RedHat Linux
added 2025/04/07 5:37 p.m., 3 views

tomcat: RCE due to TOCTOU issue in JSP compilation

A flaw was found in Tomcat. A Time-of-check Time-of-use TOCTOU race condition occurs during JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. This vulnerability allows an uploaded file to be treated as a JSP and executed, resulting in remote code...

9.8 CVSS, 7.5 AI score, 0.84776 EPSS
Exploits: 12, References: 5

RedHat Linux
added 2025/04/07 5:37 p.m., 29 views

Moderate: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

10 CVSS, 7.4 AI score, 0.9413 EPSS
Exploits: 55, References: 3

RedHat Linux
added 2025/04/07 5:36 p.m., 3 views

tomcat: RCE due to TOCTOU issue in JSP compilation

A flaw was found in Tomcat. A Time-of-check Time-of-use TOCTOU race condition occurs during JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. This vulnerability allows an uploaded file to be treated as a JSP and executed, resulting in remote code...

9.8 CVSS, 7.5 AI score, 0.84776 EPSS
Exploits: 12, References: 5

Oracle linux
added 2025/04/07 12:0 a.m., 96 views

tomcat security update

1:9.0.87-2.el95.1 - Resolves: RHEL-82946 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 - Resolves: RHEL-71719 tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379...

9.8 CVSS, 7 AI score, 0.9413 EPSS
Exploits: 55

OSV
added 2025/04/07 12:0 a.m., 19 views

ALSA-2025:3645 Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 For...

10 CVSS, 9.5 AI score, 0.9413 EPSS
Exploits: 55, References: 6

AlmaLinux
added 2025/04/07 12:0 a.m., 17 views

Moderate: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT CVE-2025-24813 For...

10 CVSS, 7 AI score, 0.9413 EPSS
Exploits: 55, References: 6

NVD
added 2025/04/01 1:15 p.m., 10 views

CVE-2025-3031

An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

6.5 CVSS, 0.00216 EPSS
Exploits: 0, References: 3

Vulnrichment
added 2025/04/01 12:29 p.m., 7 views

CVE-2025-3031 JIT optimization bug with different stack slot sizes

An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function. This vulnerability was fixed in Firefox 137 and Thunderbird 137...

6.4 AI score, 0.00216 EPSS
Exploits: 0, References: 3

FreeBSD
added 2025/04/01 12:0 a.m., 10 views

Mozilla -- stack memory read

[email protected] reports: An attacker could read 32 bits of values spilled onto the stack in a JIT compiled function...

6.5 CVSS, 7.2 AI score, 0.00216 EPSS
Exploits: 0, References: 1

Amazon
added 2025/04/01 12:0 a.m., 6 views

Important: thunderbird

Issue Overview: Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100. CVE-2022-29912 The parent process would not properly check whether the Speech Synthesis feature is...

8.1 CVSS, 8.8 AI score, 0.00912 EPSS
Exploits: 2

OSV
added 2025/03/17 4:17 p.m., 1 views

CLSA-2025-1741629749 libxml2: Fix of CVE-2025-27113

CVE-2025-27113: fix compilation of explicit child axis...

7.5 CVSS, 6.7 AI score, 0.00094 EPSS
Exploits: 1, References: 1

CloudLinux
added 2025/03/10 7:55 p.m., 5 views

libxml2: Fix of CVE-2025-27113

CVE-2025-27113: fix compilation of explicit child axis...

7.5 CVSS, 7.3 AI score, 0.00094 EPSS
Exploits: 1

OSV
added 2025/03/10 5:46 p.m., 2 views

CLSA-2025-1741628775 libxml2: Fix of CVE-2025-27113

CVE-2025-27113: fix compilation of explicit child axis...

7.5 CVSS, 5.8 AI score, 0.00094 EPSS
Exploits: 1, References: 1

OSV
added 2025/03/06 8:11 p.m., 3 views

CLSA-2025-1741291888 libxml2: Fix of CVE-2025-27113

CVE-2025-27113: fix compilation of explicit child axis...

7.5 CVSS, 5.8 AI score, 0.00094 EPSS
Exploits: 1, References: 1

Tenable Nessus
added 2025/03/06 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-1933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a...

7.6 CVSS, 7.1 AI score, 0.00487 EPSS
Exploits: 0, References: 3

OSV
added 2025/03/04 2:15 p.m., 9 views

CVE-2025-1933

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.6 CVSS, 7.7 AI score
Exploits: 0, References: 7

Debian CVE
added 2025/03/04 1:31 p.m., 11 views

CVE-2025-1933

On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

7.6 CVSS, 8.1 AI score, 0.00487 EPSS
Exploits: 0

Mozilla
added 2025/03/04 12:0 a.m., 20 views

Security Vulnerabilities fixed in Firefox ESR 115.21 — Mozilla

In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due to an integer overflow. On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. It was possibl...

8.8 CVSS, 8.6 AI score, 0.00912 EPSS
Exploits: 1, References: 5, Affected Software: 1

Tenable Nessus
added 2025/03/04 12:0 a.m., 13 views

Mozilla Firefox ESR < 115.21

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.21. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-15 advisory. - Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and...

8.8 CVSS, 8 AI score, 0.00912 EPSS
Exploits: 1, References: 6

FreeBSD
added 2025/03/04 12:0 a.m., 10 views

mozilla -- 64 bit JIT WASM read on left over memory

[email protected] reports: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...

7.6 CVSS, 8.3 AI score, 0.00487 EPSS
Exploits: 0, References: 1