18334 matches found
CVE-2026-4684 Race condition, use-after-free in the Graphics: WebRender component
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4684
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability affects Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4684
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4684 Race condition, use-after-free in the Graphics: WebRender component
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4684
CVE-2026-4684 describes a race condition leading to a use-after-free in the Graphics: WebRender component. Affected products/versions are Firefox < 149, Firefox ESR < 115.34, and Firefox ESR
CVE-2026-4684
Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
ImageMagick: Memory allocation with excessive without limits in the internal SVG decoder
A memory exhaustion vulnerability has been identified in ImageMagick when processing specially crafted SVG image files. In vulnerable versions, a maliciously crafted SVG element may trigger an excessively large internal memory allocation on the order of hundreds of gigabytes, causing the...
EUVD-2026-14680
Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
CVE-2026-4675
Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
Mozilla -- Multiple vulnerabilities
CVE-2026-4688: Sandbox escape due to use-after-free in Disability Access APIs. CVE-2026-4695: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-4697: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-4700: Mitigation bypass in the...
Mozilla -- Multiple vulnerabilities
CVE-2026-4721: Memory safety bugs. Potential arbitrary code execution. CVE-2026-4709: Incorrect boundary conditions in the Audio/Video: GMP component. CVE-2026-4707: Incorrect boundary conditions in the Graphics: Canvas2D component. CVE-2026-4706: Incorrect boundary conditions in the Graphics:...
DiceBear 跨站脚本漏洞
DiceBear is an open-source random avatar generation library developed by DiceBear. Versions of DiceBear from 5.0.0 to 5.4.4, as well as versions before 6.1.4, 7.1.4, 8.0.3, and 9.4.1, contained a cross-site scripting vulnerability. This vulnerability occurred because SVG attribute values provided...
Mozilla多款产品 安全漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in multiple Mozilla products due to...
Mozilla多款产品 代码问题漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products that is...
Mozilla多款产品 代码问题漏洞
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code issue vulnerability exists in multiple Mozilla products due to an...
PT-2026-27423
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Thunderbird versions prior to 149 Description A security issue exists due to a use-after-free condition within the Graphics: Canvas2D component. This can lead to a sandbox escape. Recommendations Update Firefox to...
Mozilla Thunderbird < 149.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 149.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-23 advisory. - Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects...
Mozilla Firefox ESR < 115.34
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.34. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-21 advisory. - JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 149,...
Fedora 43 : chromium (2026-ae897eb928)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ae897eb928 advisory. Update to 146.0.7680.153 CVE-2026-4439: Out of bounds memory access in WebGL CVE-2026-4440: Out of bounds read and write in WebGL CVE-2026-4441: Use...
Mozilla Thunderbird < 140.9
The version of Thunderbird installed on the remote Windows host is prior to 140.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-24 advisory. - Privilege escalation in the Netmonitor component. This vulnerability affects Firefox 149, Firefox ESR 140.9,...