Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation, USA.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation, USA. A code execution vulnerability exists in Mozilla Firefox and Mozilla Firefox ESR due to a use-after-release in...

MiracleLinux 8 : thunderbird-128.14.0-3.el8_10.ML.1 (AXSA:2025-10810:21)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10810:21 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...

MiracleLinux 8 : firefox-128.14.0-2.el8_10.ML.1 (AXSA:2025-10786:30)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-10786:30 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escap...

MiracleLinux 8 : firefox-140.6.0-1.el8_10.ML.1 (AXSA:2025-11551:37)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-11551:37 advisory. firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 CVE-2025-14333 firefox: Use-after-fr...

Linux Distros Unpatched Vulnerability : CVE-2026-0884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

SUSE-SU-2026:20031-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Changes in MozillaFirefox: Firefox Extended Support Release 140.6.0 ESR was released: Fixed: Various security fixes. MFSA 2025-94 bsc1254551: CVE-2025-14321: Use-after-free in the WebRTC: Signaling component CVE-2025-14322: Sandbox escape...

CVE-2021-33440

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is NULL pointer dereference in mjsbcodecommit in mjs.c...

CVE-2021-33437

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There are memory leaks in frozencb in mjs.c...

CVE-2021-33443

An issue was discovered in mjs mJS: Restricted JavaScript engine, ES6 JavaScript version 6. There is stack buffer overflow in mjsexecute in mjs.c...

CVE-2022-23731

V8 javascript engine heap vulnerability can cause privilege escalation ,which can impact on some webOS TV models...

CVE-2020-24349

njs through 0.4.3, used in NGINX, allows control-flow hijack in njsvalueproperty in njsvalue.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface...

Amazon Linux 2023 : rhino, rhino-engine, rhino-javadoc (ALAS2023-2025-1339)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1339 advisory. Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine: JIT component...

USN-7941-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...