Lucene search
+L

264 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 8 : thunderbird-140.4.0-2.el8_10.ML.1 (AXSA:2025-11006:25)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11006:25 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL...

9.8CVSS7.1AI score0.00475EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2026/01/13 12:0 a.m.8 views

Memory DisOrder: Memory Re-Orderings As a Timerless Side-Channel

To improve efficiency, nearly all parallel processing units CPUs and GPUs implement relaxed memory models in which memory operations may be re-ordered, i.e., executed out-of-order. Prior testing work in this area found that memory re-orderings are observed more frequently when other cores are...

6.6AI score
Exploits0
Amd
Amd
added 2026/01/13 12:0 a.m.10 views

Memory Re-orderings as a Timerless Side-channel

Summary Researchers have provided AMD with a paper titled “MEMORY DISORDER: Memory Re-orderings as a Timerless Side-channel” In this work, the authors introduced MEMORY DISORDER, a timerless side-channel attack that exploits memory re-orderings to infer activity on other processes. They showed th...

6.8AI score
Exploits0
OSV
OSV
added 2026/01/06 3:15 p.m.7 views

CVE-2025-14979 Eddie VPN 2.24.6 - Local Privilege Escalation

AirVPN Eddie on MacOS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects Eddie: 2.24.6...

8.5CVSS6AI score0.00148EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.15 views

PT-2026-1436

Name of the Vulnerable Software and Affected Versions AirVPN Eddie version 2.24.6 Description The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root. Recommendations Update to a newer version that contains a fix for this...

8.5CVSS6.9AI score0.00148EPSS
Exploits1References8
NVD
NVD
added 2025/12/12 9:15 p.m.7 views

CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpect...

7.8CVSS0.00355EPSS
Exploits2References10
Vulnrichment
Vulnrichment
added 2025/12/12 8:56 p.m.7 views

CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may cause unexpect...

6AI score0.00355EPSS
Exploits2References8
EUVD
EUVD
added 2025/12/12 8:56 p.m.5 views

EUVD-2025-203138

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may cause unexpect...

5.8AI score0.00355EPSS
Exploits2References9
CVE
CVE
added 2025/12/12 8:56 p.m.29 views

CVE-2025-43510

Connected documents confirm CVE-2025-43510 is a Copy-on-Write bug in the XNU kernel used in a multi-stage DarkSword exploit chain. The iOS/iPadOS/macOS chain details stage 4: sandbox escape from GPU to mediaplaybackd via this kernel bug, enabling broader privilege escalation. The vulnerability af...

7.8CVSS6.8AI score0.00355EPSS
In wildExploits2References10Affected Software6
Cvelist
Cvelist
added 2025/12/12 8:56 p.m.46 views

CVE-2025-43510

A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpect...

0.00355EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.8 views

PT-2025-50950

Name of the Vulnerable Software and Affected Versions BuhoNTFS version 1.3.2 Description BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions. The issue stems from vulnerabilities within the XPC service, enabli...

8.5CVSS6.8AI score0.00195EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2025/11/12 2:35 a.m.6 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.8AI score0.00475EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/11/12 1:48 a.m.2 views

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/12 1:37 a.m.6 views

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/12 1:36 a.m.3 views

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/12 1:23 a.m.5 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

9.8CVSS6.8AI score0.00475EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/11/12 1:23 a.m.11 views

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/12 1:19 a.m.5 views

thunderbird: firefox: Cross-process information leaked due to malicious IPC messages

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.2 views

RHEL 8 : firefox (RHSA-2025:21057)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:21057 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: thunderbird...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.3 views

SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2025:4006-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4006-1 advisory. This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to...

9.8CVSS7.2AI score0.00475EPSS
Exploits0References43
Rows per page
Query Builder