57564 matches found
PT-2026-45967
These are all security issues fixed in the libmozjs-115-0-115.15.0-9.1 package on the GA media of openSUSE Tumbleweed...
Security Vulnerabilities fixed in Firefox 151.0.3 — Mozilla
CVE-2026-10701: Incorrect boundary conditions in the Graphics: Text component Reporter taiho kim Impact high References Bug 2038537 CVE-2026-10702: JIT miscompilation in the JavaScript Engine: JIT component Reporter Nebula Security Impact high References Bug 2040903...
ALSA-2026:22643 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...
PT-2026-45823
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...
CVE-2026-24754
Kiteworks is a private data network PDN. Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker to execute arbitrary JavaScript code in other users' sessions. Upgrade Kiteworks to version 9.3.0 or later to receive a patch...
CVE-2026-24754
CVE-2026-24754 affects Kiteworks, where a stored XSS vulnerability exists in Secure Data Forms prior to version 9.3.0. An authenticated attacker could execute arbitrary JavaScript in other users’ sessions. The issue is mitigated by upgrading to Kiteworks version 9.3.0 or later, which provides a p...
CVE-2026-24751
Kiteworks is a private data network PDN. Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitrary JavaScript code. Upgrade Kiteworks to version 9.3.0 or later to receive a patch...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
firefox: thunderbird: Other issue in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...
CVE-2026-9308
Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...
CVE-2026-9309
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
CVE-2026-9309 Arbitrary JavaScript execution in internal pages via Reader View JSON-LD injection
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
CVE-2026-9309
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
CVE-2026-9309 Arbitrary JavaScript execution in internal pages via Reader View JSON-LD injection
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
CVE-2026-9309
CVE-2026-9309 affects Firefox for iOS Reader View. The issue is improper escaping of HTML tags in JSON-LD metadata, enabling a malicious page to inject markup that leaks sensitive URL parameters and could lead to arbitrary JavaScript execution in an internal origin. Impact is described as access ...
CVE-2026-9309
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
EUVD-2026-33630
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
CVE-2026-9308
Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...
CVE-2026-9308 Arbitrary JavaScript execution in Reader View due to wrong HTML replacement order
Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...
EUVD-2026-33629
Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...