PT-2025-39359

Name of the Vulnerable Software and Affected Versions Total.js CMS version 1.0.0 Description A cross site scripting issue exists in Total.js CMS version 1.0.0. The issue is located in the layouts save function within the /admin/ file of the Layout Page component. Manipulation of the HTML argument...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

RHEL 8 : thunderbird (RHSA-2025:16589)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:16589 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free i...

SUSE-SU-2025:03309-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 140.3 bsc1249391. Security issues fixed: - MFSA 2025-78 CVE-2025-10527: sandbox escape due to use-after-free in the Graphics: Canvas2D component. CVE-2025-10528: sandbox escape due to undefined behavior,...

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 140.3.0 ESR bsc1249391. MFSA 2025-75: CVE-2025-10527 bmo1984825 Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10528 bmo1986185 Sandbox escape due to undefined behavior,...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

ALSA-2025:16260 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

RHEL 9 : thunderbird (RHSA-2025:16156)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:16156 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free i...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the JavaScript: GC component CVE-2025-10532 firefox:...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

firefox: thunderbird: Same-origin policy bypass in the Layout component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to missing authorization checks in the view process. An attacker can access sensitive display page templates by sending crafted URLs. Remediation Upgrade...

SUSE CVE-2025-10529

Same-origin policy bypass in the Layout component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

MAL-2025-47259 Malicious code in @operato/layout (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44a552d4764e4a94731bc775f336a42c5c009c3087c446620633144c2b27a31d Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in @operato/layout (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44a552d4764e4a94731bc775f336a42c5c009c3087c446620633144c2b27a31d Any computer that has this package installed or running should be considered fully compromised. All...