200 matches found
SUSE CVE-2025-8030
Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...
SUSE CVE-2025-11713
Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and...
SUSE CVE-2025-5264
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11,...
SUSE CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...
Linux Distros Unpatched Vulnerability : CVE-2025-4084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to insufficient escaping of the special characters in the copy as cURL feature, an attacker could trick a user into using this command, potentially leading ...
MiracleLinux 4 : thunderbird-68.8.0-1.AXS4 (AXSA:2020-057:04)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-057:04 advisory. Mozilla: Use-after-free during worker shutdown CVE-2020-12387 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 CVE-2020-12395...
MiracleLinux 7 : firefox-68.6.0-1.0.1.el7.AXS7 (AXSA:2020-4500:06)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4500:06 advisory. Mozilla: Use-after-free when removing data about origins CVE-2020-6805 Mozilla: BodyStream::OnInputStreamReady was missing protections against state...
TencentOS Server 3: firefox (TSSA-2025:0452)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0452 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Mozilla Thunderbird < 68.6
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 68.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-10 advisory. - Mozilla developers Byron Campen, Jason Kratzer, and Christian Holler reported memory safety bugs present ...
Mozilla Thunderbird < 68.6
The version of Thunderbird installed on the remote Windows host is prior to 68.6. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-10 advisory. - Mozilla developers Byron Campen, Jason Kratzer, and Christian Holler reported memory safety bugs present in...
Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to 140.4. changed: Account Hub is now disabled by default for second email account bmo1992027 changed: Flatpak runtime has been updated to Freedesktop SDK 24.08 bmo1952100 fixed: Users could not read mail...
Astra Linux – Vulnerability in Firefox and Thunderbird
Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures...
Linux Distros Unpatched Vulnerability : CVE-2025-11713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient escaping in the Copy as cURL feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the...
SUSE SLED15: MozillaFirefox / MozillaFirefox-branding-upstream / etc (SUSE-SU-2025:3775-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3775-1 advisory. Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. - CVE-2025-11708:...
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures...
SUSE-SU-2025:3775-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.4.0 ESR bsc1251263. - CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance - CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures -...
Updated thunderbird packgaes fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
Updated firefox, nss & rootcerts fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...
MGASA-2025-0247 Updated thunderbird packgaes fix security vulnerabilities
CVE-2025-11708: Use-after-free in MediaTrackGraphImpl::GetInstance CVE-2025-11709: Out of bounds read/write in a privileged process triggered by WebGL textures CVE-2025-11710: Cross-process information leaked due to malicious IPC messages CVE-2025-11711: Some non-writable Object properties could ...