Lucene search
K

200 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:28 a.m.11 views

SUSE CVE-2025-8030

Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

5.3CVSS7.2AI score0.00306EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/05/29 1:27 a.m.15 views

SUSE CVE-2025-11713

Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and...

8.1CVSS5.9AI score0.00327EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/20 3:2 a.m.10 views

SUSE CVE-2025-5264

Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...

4.8CVSS7AI score0.00135EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/05/15 2:2 a.m.10 views

SUSE CVE-2025-5265

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...

4.8CVSS6.7AI score0.00141EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-4084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to insufficient escaping of the special characters in the copy as cURL feature, an attacker could trick a user into using this command, potentially leading ...

5.7CVSS6.9AI score0.00344EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 4 : thunderbird-68.8.0-1.AXS4 (AXSA:2020-057:04)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-057:04 advisory. Mozilla: Use-after-free during worker shutdown CVE-2020-12387 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 CVE-2020-12395...

10CVSS8.3AI score0.05803EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : firefox-68.6.0-1.0.1.el7.AXS7 (AXSA:2020-4500:06)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4500:06 advisory. Mozilla: Use-after-free when removing data about origins CVE-2020-6805 Mozilla: BodyStream::OnInputStreamReady was missing protections against state...

9.8CVSS8.4AI score0.03191EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.8 views

TencentOS Server 3: firefox (TSSA-2025:0452)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0452 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.1CVSS7.4AI score0.00398EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Mozilla Thunderbird < 68.6

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-10 advisory. - Mozilla developers Byron Campen, Jason Kratzer, and Christian Holler reported memory safety bugs present ...

9.8CVSS8AI score0.03191EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Mozilla Thunderbird < 68.6

The version of Thunderbird installed on the remote Windows host is prior to 68.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-10 advisory. - Mozilla developers Byron Campen, Jason Kratzer, and Christian Holler reported memory safety bugs present in...

9.8CVSS8AI score0.03191EPSS
Exploits2References8
SUSE Linux
SUSE Linux
added 2025/11/10 8:0 a.m.6 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to 140.4. changed: Account Hub is now disabled by default for second email account bmo1992027 changed: Flatpak runtime has been updated to Freedesktop SDK 24.08 bmo1952100 fixed: Users could not read mail...

9.8CVSS8AI score0.00465EPSS
Exploits0References18
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

8.1CVSS5.7AI score0.00306EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/10/27 1:9 p.m.7 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures...

9.8CVSS7.9AI score0.00465EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-11713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient escaping in the Copy as cURL feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the...

8.1CVSS5.9AI score0.00327EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/25 12:0 a.m.2 views

SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2025:3775-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3775-1 advisory. Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. - CVE-2025-11708:...

9.8CVSS7.3AI score0.00465EPSS
Exploits0References18
SUSE Linux
SUSE Linux
added 2025/10/24 12:28 p.m.4 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures...

9.8CVSS7.9AI score0.00465EPSS
Exploits0References2
OSV
OSV
added 2025/10/24 12:23 p.m.4 views

SUSE-SU-2025:3775-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. - CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance - CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures -...

9.8CVSS7.9AI score0.00465EPSS
Exploits0References10
Mageia
Mageia
added 2025/10/23 7:37 p.m.9 views

Updated thunderbird packgaes fix security vulnerabilities

CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...

9.8CVSS7.9AI score0.00687EPSS
Exploits0References8
Mageia
Mageia
added 2025/10/23 7:37 p.m.6 views

Updated firefox, nss & rootcerts fix security vulnerabilities

CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...

9.8CVSS7.9AI score0.00687EPSS
Exploits0References8
OSV
OSV
added 2025/10/23 7:37 p.m.3 views

MGASA-2025-0247 Updated thunderbird packgaes fix security vulnerabilities

CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...

9.8CVSS7.9AI score0.00687EPSS
Exploits0References9
Rows per page
Query Builder