openSUSE 16 Security Update : MozillaThunderbird (openSUSE-SU-2026:20664-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20664-1 advisory. Changes in MozillaThunderbird: - Mozilla Thunderbird 140.10.0 ESR Newly translated strings were not available in Thunderbird MFSA 2026-34...

CVE-2026-39103

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...

GPUBreach: Privilege Escalation Attacks on GPUs Using Rowhammer

NVIDIA GPUs with GDDR memories have been shown susceptible to Rowhammer-based bit-flips, similar to CPUs. However, Rowhammer exploits on GPUs have been limited to injecting untargeted bit-flips in victim data like weights of machine learning models, to degrade model accuracy, unlike CPU exploits...

RHEL 8 : firefox (RHSA-2026:13683)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13683 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

Linux Distros Unpatched Vulnerability : CVE-2025-14576

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage...

RHEL 9 : firefox (RHSA-2026:13583)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13583 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

RHEL 9 : firefox (RHSA-2026:13596)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13596 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

RHEL 10 : firefox (RHSA-2026:13665)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13665 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

RHEL 8 : firefox (RHSA-2026:13682)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13682 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libpng:...

CVE-2026-42138

Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/files/upload, which requires authentication through the application API, is also vulnerable. This...

firefox: thunderbird: Privilege escalation in the Graphics: WebRender component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Graphics: WebRender component...

firefox: thunderbird: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component...

CVE-2026-24082 Use After Free in Automotive GPU

Memory Corruption when copying data from a freed source while executing performance counter deselect operation...

CVE-2026-24082

CVE-2026-24082 concerns a memory corruption (use-after-free) issue in an Automotive GPU, triggered when copying data from a freed source during a performance counter deselect operation. The connected records specify a memory corruption vulnerability with CVSSv3.1 base score 7.8 (HIGH), attack vec...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

RHEL 8 : thunderbird (RHSA-2026:13537)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13537 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...