4 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-6431
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed thi...
SUSE CVE-2025-6435
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...
CVE-2025-6432
When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability affects Firefox 140 and Thunderbird 140...
UBUNTU-CVE-2025-6434
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox 140 and Thunderbird 140...